Vulnerabilities > Shopex
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-15 | CVE-2024-1530 | Unspecified vulnerability in Shopex Ecshop 4.1.8 A vulnerability, which was classified as critical, has been found in ECshop 4.1.8. | 8.8 |
| 2023-09-29 | CVE-2023-5294 | Unspecified vulnerability in Shopex Ecshop 4.1.1 A vulnerability has been found in ECshop 4.1.1 and classified as critical. | 8.8 |
| 2023-09-29 | CVE-2023-5293 | Unspecified vulnerability in Shopex Ecshop 4.1.5 A vulnerability, which was classified as critical, was found in ECshop 4.1.5. | 6.5 |
| 2023-08-04 | CVE-2023-39112 | Improper Authentication vulnerability in Shopex Ecshop 4.1.16 ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel. | 6.5 |
| 2023-03-06 | CVE-2023-1184 | Unspecified vulnerability in Shopex Ecshop A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. | 8.8 |
| 2023-03-06 | CVE-2023-1185 | Unspecified vulnerability in Shopex Ecshop A vulnerability, which was classified as problematic, was found in ECshop up to 4.1.8. | 8.8 |
| 2023-02-11 | CVE-2023-0783 | Unspecified vulnerability in Shopex Ecshop 4.1.5 A vulnerability was found in EcShop 4.1.5. | 9.8 |
| 2022-06-28 | CVE-2021-41460 | SQL Injection vulnerability in Shopex Ecshop 4.1.0 ECShop 4.1.0 has SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information. | 7.5 |
| 2021-12-02 | CVE-2021-43679 | SQL Injection vulnerability in Shopex Ecshop 2.7.3 ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api.php. | 9.8 |
| 2021-06-28 | CVE-2020-20640 | Cross-site Scripting vulnerability in Shopex Ecshop 4.0 Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability. | 6.1 |