汇总 ecommerce-codeigniter-bootstrap_project 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
常见弱点模式包括 跨站脚本与SQL 注入,在 软件部署与生产负载 使用场景中可能带来 会话劫持与数据泄露 等风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2024-6526 | A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument search_title/catName/sub/name/categorie leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1b3da45308bb6c3f55247d0e99620b600bd85277. It is recommended to apply a pa | [email protected] | 5.3 | 0.17% | 2024-07-05 | 2024-11-21 |
| CVE-2024-31823 | An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the removeSecondaryImage method of the Publish.php component. | [email protected] | 8.8 | 6.19% | 2024-04-29 | 2025-09-26 |
| CVE-2024-31822 | An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the saveLanguageFiles method of the Languages.php component. | [email protected] | 9.8 | 6.18% | 2024-04-29 | 2025-09-23 |
| CVE-2024-31821 | SQL Injection vulnerability in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the manageQuantitiesAndProcurement method of the Orders_model.php component. | [email protected] | 8.0 | 1.95% | 2024-04-29 | 2025-09-23 |
| CVE-2024-31820 | An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the getLangFolderForEdit method of the Languages.php component. | [email protected] | 9.8 | 7.40% | 2024-04-29 | 2025-09-23 |
| CVE-2023-23010 | Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php. | [email protected] | 6.1 | 0.46% | 2023-01-20 | 2025-04-03 |
| CVE-2022-35213 | Ecommerce-CodeIgniter-Bootstrap before commit 56465f was discovered to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php. | [email protected] | 6.1 | 0.22% | 2022-08-18 | 2024-11-21 |
| CVE-2021-40975 | Cross-site scripting (XSS) vulnerability in application/modules/admin/views/ecommerce/products.php in Ecommerce-CodeIgniter-Bootstrap (Codeigniter 3.1.11, Bootstrap 3.3.7) allows remote attackers to inject arbitrary web script or HTML via the search_title parameter. | [email protected] | 6.1 | 0.22% | 2021-10-01 | 2024-11-21 |
| CVE-2020-25093 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.php. within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel. | [email protected] | 6.1 | 0.24% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25092 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in _parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel. | [email protected] | 6.1 | 0.24% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25091 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/vendor/views/add_product.php. | [email protected] | 6.1 | 0.24% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25090 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/publish.php. | [email protected] | 6.1 | 0.24% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25089 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/discounts.php. | [email protected] | 6.1 | 0.24% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25088 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php. | [email protected] | 6.1 | 0.24% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25087 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/languages.php. | [email protected] | 6.1 | 0.24% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25086 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/adminUsers.php. | [email protected] | 6.1 | 0.24% | 2020-09-03 | 2024-11-21 |