Skip to main content

Peel Shopping

6 CVEs product

Monthly

CVE-2021-41672 MEDIUM POC This Month

PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Peel Shopping
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-37593 CRITICAL POC Act Now

PEEL Shopping version 9.4.0 allows remote SQL injection. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Information Disclosure Peel Shopping
NVD GitHub Exploit-DB
CVSS 3.1
9.1
EPSS
5.2%
CVE-2021-27190 MEDIUM POC PATCH This Month

A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Peel Shopping
NVD GitHub
CVSS 3.1
5.4
EPSS
1.6%
CVE-2018-1000887 MEDIUM POC This Month

Peel shopping peel-shopping_9_1_0 version contains a Cross Site Scripting (XSS) vulnerability that can result in an authenticated user injecting java script code in the "Site Name EN" parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java XSS Peel Shopping
NVD GitHub
CVSS 3.0
4.8
EPSS
0.7%
CVE-2012-5227 HIGH POC This Week

SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Peel Shopping
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.4%
CVE-2012-5226 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) motclef parameter to achat/recherche.php or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Peel Shopping
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
0.6%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Peel Shopping
NVD GitHub VulDB
EPSS 5% CVSS 9.1
CRITICAL POC Act Now

PEEL Shopping version 9.4.0 allows remote SQL injection. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Information Disclosure Peel Shopping
NVD GitHub Exploit-DB
EPSS 2% CVSS 5.4
MEDIUM POC PATCH This Month

A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Peel Shopping
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

Peel shopping peel-shopping_9_1_0 version contains a Cross Site Scripting (XSS) vulnerability that can result in an authenticated user injecting java script code in the "Site Name EN" parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java XSS Peel Shopping
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Week

SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Peel Shopping
NVD Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) motclef parameter to achat/recherche.php or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Peel Shopping
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy