2 matches found
CVE-2020-23976
Webexcels Ecommerce CMS 2.x (2017–2020) is affected by CVE-2020-23976 due to an SQL Injection in the content.php id parameter. The root cause is improper handling of the id input, enabling an attacker to influence SQL queries. The data shows an affected product/version range, and the CVSS metrics...
CVE-2020-23975
CVE-2020-23975 affects Webexcels Ecommerce CMS 2.x (2017–2020). The vulnerability is a cross-site scripting flaw exploitable via the id parameter in search.php. No detailed exploit vectors or patch information are provided in the connected documents; remediation details are not stated. In summary...