EUVD-2023-55580

Malicious code in bioql PyPI...

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Collne Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.3...

CVE-2023-50847

CVE-2023-50847 is an SQL injection vulnerability in Welcart e-Commerce (Welcart e-Commerce plugin for WordPress). The issue arises from improper neutralization of input in SQL commands, enabling an authenticated attacker to manipulate queries. Affected versions are Welcart e-Commerce: from n/a th...

JVN#97197972: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"

WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 - CVE-2023-40219 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N| Base Score: 2.7 CVSS v2|...

CVE-2023-22705

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Collne Inc. Welcart e-Commerce plugin = 2.8.10 versions...

CVE-2023-22705

CVE-2023-22705 concerns an unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Welcart e-Commerce by Collne Inc., affecting versions

JVN#43344629: Welcart vulnerable to SQL injection

Welcart provided by Collne Inc. is a WordPress plugin. Welcart contains an SQL injection vulnerability CWE-89 due to a flaw in the processing of searchcolumn and switch parameter in admin.php. Impact An unauthenticated attacker may obtain or alter information stored in the database. Solution Appl...

JVN#92828286: Welcart vulnerable to SQL injection

Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a SQL injection CWE-89 vulnerability due to the processing of changeSort parameter in admin.php. Impact An attacker that can log in to WordPress with this plugin enabled may obtain or alter...

JVN#97971874: Welcart vulnerable to cross-site scripting

Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting CWE-79 vulnerability due to the processing of uscesreferer parameter in admin.php. Impact If a user views a malicious page while logged into WordPress with this plugin...

JVN#18731696: Welcart vulnerable to cross-site scripting

Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the management page of Welcart. Solution Update the software Update to the latest version according to the...