Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter.
6.1CVSS
6.1AI Score
0.006EPSS
Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter.
9.8CVSS
9.9AI Score
0.006EPSS
SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter " offerta.php"
9.8CVSS
9.8AI Score
0.006EPSS
A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may be launched remotely....
6.1CVSS
5.9AI Score
0.003EPSS
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filter[brandid] leads to sql injection. It is possible to initiate the attack remotely. ...
9.8CVSS
9.8AI Score
0.001EPSS