Welcart E-commerce Security Vulnerabilities and Issues — Welcart E-commerce CVE List

Lucene search

WelcartWelcart E-commerce

7 matches found

CVE•added 2023/09/27 3:19 p.m.•45 views

CVE-2023-43484

Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.

6.1CVSS6.1AI score0.00234EPSS

CVE•added 2023/09/27 3:19 p.m.•38 views

CVE-2023-43614

Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.

6.1CVSS6.1AI score0.00235EPSS

CVE•added 2023/09/27 3:19 p.m.•37 views

CVE-2023-43610

SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations.

8.8CVSS8.9AI score0.00441EPSS

CVE•added 2023/09/27 3:19 p.m.•34 views

CVE-2023-41962

Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page.

6.1CVSS6.1AI score0.0032EPSS

CVE•added 2023/09/27 3:19 p.m.•32 views

CVE-2023-43493

SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information.

4.9CVSS5.3AI score0.00393EPSS

CVE•added 2023/09/27 3:19 p.m.•31 views

CVE-2023-41233

Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.

6.1CVSS6.1AI score0.00235EPSS

CVE•added 2023/09/27 3:19 p.m.•30 views

CVE-2023-40219

Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory.

7.2CVSS7.2AI score0.00457EPSS