Vulnerabilities > E Commerce Website Project > E Commerce Website > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-03 | CVE-2022-27330 | Cross-site Scripting vulnerability in E-Commerce Website Project E-Commerce Website 1.0 A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_product of E-Commerce Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Title text field. | 5.4 |
| 2021-07-23 | CVE-2021-25204 | Cross-site Scripting vulnerability in E-Commerce Website Project E-Commerce Website 1.0 Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php. | 5.4 |