Bagisto@1.5.1 Security Vulnerabilities and Issues — Bagisto@1.5.1 CVE List

Lucene search

WebkulBagisto1.5.1

3 matches found

CVE-2024-27499

Bagisto v1.5.1 is vulnerable for Cross site scripting(XSS) via png file upload vulnerability in product review option.

CVE-2023-36238

Insecure Direct Object Reference (IDOR) in Bagisto v.1.5.1 allows an attacker to obtain sensitive information via the invoice ID parameter.

CVE-2023-33570

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI).