Vulnerabilities > PHP Multivendor Ecommerce Project > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-12-28 CVE-2017-17959 SQL Injection vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.
network
low complexity
php-multivendor-ecommerce-project CWE-89
critical
 9.8
9.8
2017-12-28 CVE-2017-17957 SQL Injection vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.
network
low complexity
php-multivendor-ecommerce-project CWE-89
critical
 9.8
9.8
2017-12-28 CVE-2017-17951 SQL Injection vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.
network
low complexity
php-multivendor-ecommerce-project CWE-89
critical
 9.8
9.8
2017-12-13 CVE-2017-17624 SQL Injection vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce 1.0
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.
network
low complexity
php-multivendor-ecommerce-project CWE-89
critical
 9.8
9.8