Lucene search
+L

57 matches found

Cvelist
Cvelist
added 2026/07/04 5:30 p.m.34 views

CVE-2026-14637 kirilkirkov Ecommerce-CodeIgniter-Bootstrap ShoppingCart.php getCartItems deserialization

A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The manipulation of the argument shoppingcart leads to...

8.8CVSS0.00598EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/04 5:30 p.m.5 views

CVE-2026-14637

A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The manipulation of the argument shoppingcart leads to...

8.8CVSS5.4AI score0.00598EPSS
Exploits0References7
CVE
CVE
added 2026/07/04 5:30 p.m.27 views

CVE-2026-14637

CVE-2026-14637 affects kirilkirkov Ecommerce-CodeIgniter-Bootstrap, specifically the getCartItems function in application/libraries/ShoppingCart.php. Input manipulation of the shopping_cart parameter leads to deserialization, enabling remote exploitation as described. The patch identifier is 49b2...

8.8CVSS6.6AI score0.00598EPSS
Exploits0References7
NVD
NVD
added 2026/07/04 5:16 p.m.10 views

CVE-2026-14634

A vulnerability was identified in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 213babdbaa949e94557246414db0130e01394517. This vulnerability affects the function checkForPostRequests of the file application/core/MYController.php of the component Subscribed Emails Admin Page. Such manipulation...

5.3CVSS0.00288EPSS
Exploits0References7
NVD
NVD
added 2026/07/04 5:16 p.m.20 views

CVE-2026-14635

A security flaw has been discovered in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 222ff31c06687b1c6d0e1ab63953f82c3674c52b. This issue affects some unknown processing of the file application/modules/vendor/controllers/AddProduct.php of the component Vendor Multi-Image Endpoint. Performing ...

7.5CVSS0.00437EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/04 4:45 p.m.10 views

EUVD-2026-41682

A weakness has been identified in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 23105f25dadf57b4314fc015a63a7c6e910c89df. Impacted is the function douploadothersimages of the file application/modules/vendor/controllers/AddProduct.php of the component Vendor Image Manager. Executing a...

5.5CVSS5.8AI score0.00323EPSS
Exploits0References7
CVE
CVE
added 2026/07/04 4:45 p.m.23 views

CVE-2026-14636

Summary (CVE-2026-14636): A weakness in kirilkirkov’s Ecommerce-CodeIgniter-Bootstrap (Vendor Image Manager) affects the AddProduct.php function do_upload_others_images. The vulnerability arises from manipulating the folder argument, enabling path traversal. It is reportable via remote access. Pu...

5.5CVSS5.8AI score0.00323EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/04 4:30 p.m.13 views

EUVD-2026-41681

A security flaw has been discovered in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 222ff31c06687b1c6d0e1ab63953f82c3674c52b. This issue affects some unknown processing of the file application/modules/vendor/controllers/AddProduct.php of the component Vendor Multi-Image Endpoint. Performing ...

7.5CVSS6.5AI score0.00437EPSS
Exploits0References7
CVE
CVE
added 2026/07/04 4:30 p.m.23 views

CVE-2026-14635

The CVE-2026-14635 affects kirilkirkov Ecommerce-CodeIgniter-Bootstrap (vendor’s Vendor Multi-Image Endpoint). The flaw arises from path traversal when manipulating the folder argument in the AddProduct.php handler, enabling remote initiation. Public exploit available; no version specifics are pr...

7.5CVSS6.5AI score0.00437EPSS
Exploits0References7
NVD
NVD
added 2026/07/04 4:17 p.m.10 views

CVE-2026-14632

A vulnerability was found in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 95dfa8cebbb87ab46ae450643a07241274a74dce. Affected by this issue is the function setReferrer of the file application/core/MYController.php of the component Trusted Backend Interface. The manipulation of the argument hr...

5.3CVSS0.00273EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/04 4:15 p.m.9 views

EUVD-2026-41680

A vulnerability was identified in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 213babdbaa949e94557246414db0130e01394517. This vulnerability affects the function checkForPostRequests of the file application/core/MYController.php of the component Subscribed Emails Admin Page. Such manipulation...

5.3CVSS4.1AI score0.00288EPSS
Exploits0References7
CVE
CVE
added 2026/07/04 4:15 p.m.17 views

CVE-2026-14634

Summary (CVE-2026-14634) The vulnerability exists in kirilkirkov’s Ecommerce-CodeIgniter-Bootstrap (up to commit 213babdbaa949e94557246414db0130e01394517) and affects the function checkForPostRequests in the file application/core/MY_Controller.php for the Subscribed Emails Admin Page. Manipulatio...

5.3CVSS4.1AI score0.00288EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/04 3:45 p.m.10 views

EUVD-2026-41679

A vulnerability was determined in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 49b20f53de2b7ec34e920b11c863f1491d911a04. This affects an unknown part of the file /index.php/api/product/set of the component Hidden REST API Endpoint. This manipulation of the argument title/description causes...

5.3CVSS4.2AI score0.00288EPSS
Exploits0References7
CVE
CVE
added 2026/07/04 3:45 p.m.19 views

CVE-2026-14633

The CVE affects kirilkirkov Ecommerce-CodeIgniter-Bootstrap (up to commit 49b20f53de2b7ec34e920b11c863f1491d911a04). The vulnerability targets the Hidden REST API Endpoint and specifically the file /index.php/api/product/set, where manipulating the argument title/description enables cross-site sc...

5.3CVSS4.2AI score0.00288EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/04 3:15 p.m.35 views

CVE-2026-14632 kirilkirkov Ecommerce-CodeIgniter-Bootstrap Trusted Backend MY_Controller.php setReferrer redirect

A vulnerability was found in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 95dfa8cebbb87ab46ae450643a07241274a74dce. Affected by this issue is the function setReferrer of the file application/core/MYController.php of the component Trusted Backend Interface. The manipulation of the argument hr...

5.3CVSS0.00273EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.11 views

PT-2026-55709

Name of the Vulnerable Software and Affected Versions kirilkirkov Ecommerce-CodeIgniter-Bootstrap versions prior to 49b20f53de2b7ec34e920b11c863f1491d911a04 Description A cross site scripting issue exists in the Hidden REST API Endpoint component. A remote attacker can exploit this by manipulatin...

5.3CVSS5.3AI score0.00288EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-17780

Malware in sbrugna...

6.1CVSS6.3AI score0.00679EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-17782

Malware in sbrugna...

6.1CVSS6.3AI score0.00679EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-17781

Malware in sbrugna...

6.1CVSS6.3AI score0.00679EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-28129

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00811EPSS
Exploits1References1
Rows per page
Query Builder