Skip to main content

Orocommerce

3 CVEs product

Monthly

CVE-2023-32065 PHP MEDIUM PATCH This Month

OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Orocommerce
NVD GitHub
CVSS 3.1
5.8
EPSS
0.5%
CVE-2023-32064 PHP MEDIUM PATCH This Month

OroCommerce package with customer portal and non authenticated visitor website base features. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Orocommerce
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-31037 PHP MEDIUM PATCH This Month

OroCommerce is an open-source Business to Business Commerce application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Orocommerce
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Orocommerce
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

OroCommerce package with customer portal and non authenticated visitor website base features. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Orocommerce
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

OroCommerce is an open-source Business to Business Commerce application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Orocommerce
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy