Vulnerabilities > Peel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-15 | CVE-2021-41672 | SQL Injection vulnerability in Peel Shopping 9.4.0 PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. | 6.5 |
| 2021-02-12 | CVE-2021-27190 | Cross-site Scripting vulnerability in Peel Shopping 9.3.0/9.4.0 A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. | 5.4 |
| 2020-01-09 | CVE-2019-20178 | Cross-Site Request Forgery (CSRF) vulnerability in Peel Shopping 9.2.1 Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user. | 6.5 |
| 2018-12-28 | CVE-2018-1000887 | Cross-site Scripting vulnerability in Peel Shopping 9.1.0 Peel shopping peel-shopping_9_1_0 version contains a Cross Site Scripting (XSS) vulnerability that can result in an authenticated user injecting java script code in the "Site Name EN" parameter. | 4.8 |