Lucene search
K
Ecommerce-codeigniter-bootstrap ProjectEcommerce-codeigniter-bootstrap

12 matches found

CVE
CVE
added 2022/08/18 7:30 p.m.76 views

CVE-2022-35213

CVE-2022-35213 relates to Ecommerce-CodeIgniter-Bootstrap before commit 56465f, where a cross-site scripting (XSS) flaw exists in the base_url() usage at /blog/blogpublish.php. Affected versions before the commit are vulnerable; impact is an XSS risk with potential user interaction. Remediation: ...

6.1CVSS6AI score0.00481EPSS
CVE
CVE
added 2020/09/03 1:40 a.m.61 views

CVE-2020-25091

CVE-2020-25091 : XSS in Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 due to lack of proper validation in application/modules/vendor/views/add_product.php. Multiple sources corroborate the issue; CNVD notes the root cause as missing input validation. No patch/version remediation is specified ...

6.1CVSS5.9AI score0.00679EPSS
CVE
CVE
added 2021/10/01 3:42 p.m.60 views

CVE-2021-40975

The CVE-2021-40975 entry concerns a Cross-site scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap. Affected component: application/modules/admin/views/ecommerce/products.php within Ecommerce-CodeIgniter-Bootstrap (CodeIgniter 3.1.11, Bootstrap 3.3.7). The root cause is unsanitized i...

6.1CVSS6AI score0.00811EPSS
CVE
CVE
added 2020/09/03 1:41 a.m.59 views

CVE-2020-25088

The CVE-2020-25088 entry relates to Ecommerce-CodeIgniter-Bootstrap (pre-2020-08-03) and allows cross-site scripting in the admin blog publish view (application/modules/admin/views/blog/blogpublish.php). Concrete details from connected sources confirm the vulnerability stems from insufficient val...

6.1CVSS5.9AI score0.00679EPSS
CVE
CVE
added 2020/09/03 1:40 a.m.59 views

CVE-2020-25092

CVE-2020-25092 affects Ecommerce-CodeIgniter-Bootstrap. The vulnerability is an XSS issue located in _parts/header.php and in the templates at application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel. The public records indicate thi...

6.1CVSS5.9AI score0.00679EPSS
CVE
CVE
added 2024/07/05 1:31 p.m.58 views

CVE-2024-6526

CVE-2024-6526 affects CodeIgniter Ecommerce-CodeIgniter-Bootstrap. The vulnerability arises from manipulation of the arguments search_title, catName, sub, name, and categorie, which leads to cross-site scripting (XSS). It can be exploited remotely, and public exploits/ PoC have been disclosed. A ...

6.1CVSS4.5AI score0.00519EPSS
CVE
CVE
added 2020/09/03 1:41 a.m.56 views

CVE-2020-25087

CVE-2020-25087 affects Ecommerce-CodeIgniter-Bootstrap (pre-2020-08-03) with a stored/reflected XSS in application/modules/admin/views/advanced_settings/languages.php. The NVD entry reports CVSSv2 base 4.3 (MEDIUM) and CVSSv3.1 base 6.1 (MEDIUM), indicating network vector with no authentication, ...

6.1CVSS5.9AI score0.00679EPSS
CVE
CVE
added 2020/09/03 1:41 a.m.54 views

CVE-2020-25086

CVE-2020-25086 affects Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03, where the vulnerability resides in application/modules/admin/views/advanced_settings/adminUsers.php. The root cause described across connected records is lack of proper validation of client-side data, enabling cross-site ...

6.1CVSS5.9AI score0.00679EPSS
CVE
CVE
added 2020/09/03 1:40 a.m.48 views

CVE-2020-25090

The CVE-2020-25090 entry corresponds to an XSS vulnerability in Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03, specifically in application/modules/admin/views/ecommerce/publish.php. The root cause is insufficient validation of client-side data in the web application, enabling cross-site scr...

6.1CVSS5.9AI score0.00679EPSS
CVE
CVE
added 2023/01/20 12:0 a.m.46 views

CVE-2023-23010

CVE-2023-23010 is reported in Ecommerce-CodeIgniter-Bootstrap as a Cross-Site Scripting (XSS) vulnerability that can allow an attacker to execute arbitrary code via the languages and trans_load parameters in add_product.php, following commit d5904379ca55014c5df34c67deda982c73dc7fe5 (Dec 27, 2022)...

6.1CVSS6.1AI score0.00608EPSS
CVE
CVE
added 2020/09/03 1:40 a.m.45 views

CVE-2020-25093

The CVE-2020-25093 entry concerns an XSS vulnerability in Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03. The affected area is blog.php within the templates: clothesshop, onepage, and redlabel. The underlying issue is a cross-site scripting flaw that allows input to be echoed without proper ...

6.1CVSS5.9AI score0.00679EPSS
CVE
CVE
added 2020/09/03 1:40 a.m.40 views

CVE-2020-25089

CVE-2020-25089 affects Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03, allowing cross-site scripting in application/modules/admin/views/ecommerce/discounts.php. Multiple connected sources corroborate an XSS vulnerability stemming from insufficient input validation. The CVSS metrics indicate ...

6.1CVSS5.9AI score0.00679EPSS