Vulnerabilities > Iscripts > Eswap > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-25 | CVE-2018-11470 | SQL Injection vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel. | 8.8 |
| 2018-04-11 | CVE-2018-10050 | SQL Injection vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel. | 7.2 |
| 2018-04-11 | CVE-2018-10048 | Cross-Site Request Forgery (CSRF) vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel. | 8.8 |