Vulnerabilities > Ectouch

DATE CVE VULNERABILITY TITLE RISK
2023-08-28 CVE-2023-39560 SQL Injection vulnerability in Ectouch 2.0
ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.
network
low complexity
ectouch CWE-89
critical
9.8
2022-02-24 CVE-2022-25098 Unspecified vulnerability in Ectouch 2.0
ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter.
network
low complexity
ectouch
critical
9.1
2021-07-30 CVE-2020-21806 SQL Injection vulnerability in Ectouch 2.0
SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php..
network
low complexity
ectouch CWE-89
critical
9.8
2021-07-14 CVE-2020-18144 SQL Injection vulnerability in Ectouch 2.0
SQL Injection Vulnerability in ECTouch v2 via the integral_min parameter in index.php.
network
low complexity
ectouch CWE-89
critical
9.8