Skip to main content

Ecshop

9 CVEs product

Monthly

CVE-2024-35362 MEDIUM POC This Month

Ecshop 3.6 is vulnerable to Cross Site Scripting (XSS) via ecshop/article_cat.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Ecshop
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-1530 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in ECshop 4.1.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ecshop
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5294 HIGH POC This Week

A vulnerability has been found in ECshop 4.1.1 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ecshop
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-5293 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ecshop
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-39112 MEDIUM POC This Month

ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ecshop
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-1185 HIGH This Week

A vulnerability, which was classified as problematic, was found in ECshop up to 4.1.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Ecshop
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-1184 HIGH This Week

A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Ecshop
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-0783 CRITICAL POC Act Now

A vulnerability was found in EcShop 4.1.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Ecshop
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-43679 CRITICAL POC Act Now

ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ecshop
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Ecshop 3.6 is vulnerable to Cross Site Scripting (XSS) via ecshop/article_cat.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Ecshop
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

A vulnerability, which was classified as critical, has been found in ECshop 4.1.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ecshop
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH POC This Week

A vulnerability has been found in ECshop 4.1.1 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ecshop
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ecshop
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ecshop
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability, which was classified as problematic, was found in ECshop up to 4.1.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Ecshop
NVD GitHub VulDB
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Ecshop
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in EcShop 4.1.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Ecshop
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ecshop
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy