CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

45 matches found

ECTouch v2 - SQL Injection

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php. id: CVE-2023-39560 info: name: ECTouch v2 - SQL Injection author: s4e-io severity: critical description: | ECTouch v2 was discovered to contain a SQL injection vulnerabili...

9.8CVSS7.9AI score0.68448EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-14574

Malware in sbrugna...

9.8CVSS9.2AI score0.00245EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-10073

Malware in sbrugna...

9.8CVSS9.5AI score0.00245EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-1127

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00447EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 4:11 a.m.•7 views

CVE-2023-39560

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

9.8CVSS8.3AI score0.68448EPSS

Exploits1

RedhatCVE•added 2025/05/22 10:31 p.m.•5 views

CVE-2022-25098

ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter...

9.1CVSS7AI score0.00447EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:8 p.m.•4 views

CVE-2020-18144

SQL Injection Vulnerability in ECTouch v2 via the integralmin parameter in index.php...

9.8CVSS8.2AI score0.00245EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:56 p.m.•5 views

CVE-2020-21806

SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php...

9.8CVSS8.2AI score0.00245EPSS

Exploits1

ATTACKERKB•added 2023/08/28 5:15 p.m.•1 views

CVE-2023-39560

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

9.8CVSS5.8AI score0.68448EPSS

Exploits1References3

NVD•added 2023/08/28 5:15 p.m.•18 views

CVE-2023-39560

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

9.8CVSS9.8AI score0.68448EPSS

Exploits1References1

OSV•added 2023/08/28 5:15 p.m.•0 views

CVE-2023-39560

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

9.8CVSS5.8AI score

Exploits0References1

Prion•added 2023/08/28 5:15 p.m.•14 views

Sql injection

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

7.5CVSS9.8AI score0.68448EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/08/28 12:0 a.m.•11 views

CVE-2023-39560

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

8.5AI score0.68448EPSS

Exploits1References1

CVE•added 2023/08/28 12:0 a.m.•64 views

CVE-2023-39560

ECTouch v2 is affected by a SQL injection flaw in default/helpers/insert.php via the id parameter ($arr['id']). The vulnerability allows unauthenticated attackers to extract database contents (e.g., customer data, orders, payments). Root cause: use of non-parameterized SQL queries. Evidence from ...

9.8CVSS9.7AI score0.68448EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2023/08/28 12:0 a.m.•6 views

PT-2023-27022 · Ectouch · Ectouch

Name of the Vulnerable Software and Affected Versions: ECTouch version 2 Description: The issue is a SQL injection vulnerability. It occurs via the id parameter at the defaulthelpersinsert.php location. This allows for potential exploitation by injecting malicious SQL code. Recommendations: For...

9.8CVSS9.5AI score0.68448EPSS

Exploits1References5

Cvelist•added 2023/08/28 12:0 a.m.•16 views

CVE-2023-39560

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

10AI score0.68448EPSS

Exploits1References1

CNNVD•added 2023/08/28 12:0 a.m.•5 views

ECTouch SQL注入漏洞

ECTouch is a software application. An open source mobile mall system to create an enterprise exclusive mobile mall. ECTouch v2 version of a security vulnerability , the vulnerability stems from through the defaulthelpersinsert.php in the parameter id there is a SQL injection vulnerability...

9.8CVSS8.7AI score0.68448EPSS

Exploits1References2