28 matches found
EUVD-2015-7690
Malware in sbrugna...
EUVD-2020-20801
Malware in sbrugna...
EUVD-2016-5810
Malware in sbrugna...
EUVD-2016-5807
Malware in sbrugna...
EUVD-2016-5808
Malware in sbrugna...
CVE-2023-22705
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Collne Inc. Welcart e-Commerce plugin = 2.8.10 versions...
CVE-2020-28339
The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...
Design/Logic Flaw
The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...
CVE-2020-28339
CVE-2020-28339 affects the WordPress plugin Welcart e-Commerce (usc-e-shop) up to version 1.9.36. The issue is an authenticated PHP Object Injection via usces_unserialize, with the CVE description noting there is not a complete POP chain. Affected: plugin in WordPress; root cause: object injectio...
WordPress Collne Welcart e-Commerce Plugin Executes Arbitrary PHP Code Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Collne Welcart e-Commerce is one of the e-commerce plug-ins. A security vulnerability exists in the WordPress Collne Welcar...
CVE-2016-4828
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain access by leveraging knowledge of the e-mail address associated with an account...
CVE-2016-4827
Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4826...
CVE-2016-4827
Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4826...
CVE-2016-4826
Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827...
CVE-2016-4826
Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827...
CVE-2016-4825
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data...
Design/Logic Flaw
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data...
CVE-2016-4826
Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827...
CVE-2016-4828
The CVE affects WordPress plugin Collne Welcart e-Commerce, prior to version 1.8.3. A vulnerability in session handling lets a remote attacker log in as a user by knowing the user’s e-mail address, granting user-level access and enabling arbitrary operations as described in multiple sources. Reme...
CVE-2016-4825
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data...