A Cross Site Scripting (XSS) vulnerability exists in Exrick XMall Admin Panel as of 11/7/2021 via the GET parameter in product-add.jsp.
6.1CVSS
6AI Score
0.001EPSS
xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter.
9.8CVSS
9.7AI Score
0.003EPSS