WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access

WordPress Welcart e-Commerce plugin before 2.8.5 is susceptible to arbitrary file access. The plugin does not validate user input before using it to output the content of a file, which can allow an attacker to read arbitrary files on the server, obtain sensitive information, modify data, and/or...

Welcart eCommerce <=2.7.7 - Local File Inclusion

Welcart eCommerce 2.7.7 and before are vulnerable to unauthenticated local file inclusion. id: CVE-2022-41840 info: name: Welcart eCommerce =2.7.8 or apply the provided patch to fix the LFI vulnerability. reference: -...

EUVD-2016-5808

Malware in sbrugna...

EUVD-2020-20801

Malware in sbrugna...

EUVD-2016-5807

Malware in sbrugna...

EUVD-2015-7690

Malware in sbrugna...

EUVD-2016-5810

Malware in sbrugna...

EUVD-2023-55580

Malicious code in bioql PyPI...

EUVD-2023-26834

Malicious code in bioql PyPI...

CVE-2023-22705

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Collne Inc. Welcart e-Commerce plugin = 2.8.10 versions...

CVE-2023-50847

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3...

CVE-2020-28339

The usc-e-shop aka Collne Welcart e-Commerce plugin before 1.9.36 for WordPress allows Object Injection because of uscesunserialize. There is not a complete POP chain...

CVE-2023-50847

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3...

CVE-2023-50847

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3...

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3...

CVE-2023-50847

CVE-2023-50847 is an SQL injection vulnerability in Welcart e-Commerce (Welcart e-Commerce plugin for WordPress). The issue arises from improper neutralization of input in SQL commands, enabling an authenticated attacker to manipulate queries. Affected versions are Welcart e-Commerce: from n/a th...

JVN#97197972: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"

WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 - CVE-2023-40219 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N| Base Score: 2.7 CVSS v2|...

CVE-2023-22705

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Collne Inc. Welcart e-Commerce plugin = 2.8.10 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Collne Inc. Welcart e-Commerce plugin = 2.8.10 versions...

CVE-2023-22705

CVE-2023-22705 concerns an unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Welcart e-Commerce by Collne Inc., affecting versions