Lucene search

Bagisto Security Vulnerabilities

cve

CVE-2023-36236

Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file...

4.8CVSS

7.6AI Score

0.001EPSS

2024-01-16 10:15 PM

cve

CVE-2023-33570

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection...

8.8CVSS

8.8AI Score

0.001EPSS

2023-06-28 08:15 PM

cve

CVE-2019-16403

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other...

8.8CVSS

8.7AI Score

0.001EPSS

2019-09-18 12:15 PM

cve

CVE-2019-14933

Bagisto 0.1.5 allows CSRF under /admin...

8.8CVSS

8.7AI Score

0.001EPSS

2019-08-11 09:15 PM