Multistore@4.10.3 Security Vulnerabilities and Issues — Multistore@4.10.3 CVE List

Lucene search

Hhg-multistoreMultistore4.10.3

5 matches found

CVE•added 2022/01/28 10:15 p.m.•46 views

CVE-2021-46447

A cross-site scripting (XSS) vulnerability in H.H.G Multistore v5.1.0 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the State parameter under the Address Book module.

5.4CVSS5.3AI score0.00502EPSS

CVE•added 2022/01/28 10:15 p.m.•45 views

CVE-2021-46444

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_group_edit&agID.

9.8CVSS9.8AI score0.0025EPSS

CVE•added 2022/01/28 10:15 p.m.•42 views

CVE-2021-46445

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/categories.php?box_group_id.

9.8CVSS9.8AI score0.0025EPSS

CVE•added 2022/01/28 10:15 p.m.•41 views

CVE-2021-46446

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_access_group_edit&aagID.

9.8CVSS9.8AI score0.00773EPSS

CVE•added 2022/01/28 10:15 p.m.•36 views

CVE-2021-46448

H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/customers.php?page=1&cID.

9.8CVSS9.8AI score0.0025EPSS