Vulnerabilities > Shopex > Ecshop > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-15 | CVE-2024-1530 | SQL Injection vulnerability in Shopex Ecshop 4.1.8 A vulnerability, which was classified as critical, has been found in ECshop 4.1.8. | 8.8 |
| 2023-09-29 | CVE-2023-5294 | SQL Injection vulnerability in Shopex Ecshop 4.1.1 A vulnerability has been found in ECshop 4.1.1 and classified as critical. | 8.8 |
| 2023-03-06 | CVE-2023-1184 | Unrestricted Upload of File with Dangerous Type vulnerability in Shopex Ecshop A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. | 8.8 |
| 2023-03-06 | CVE-2023-1185 | Unrestricted Upload of File with Dangerous Type vulnerability in Shopex Ecshop A vulnerability, which was classified as problematic, was found in ECshop up to 4.1.8. | 8.8 |
| 2021-12-02 | CVE-2021-43679 | SQL Injection vulnerability in Shopex Ecshop 2.7.3 ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api.php. | 7.5 |
| 2021-06-16 | CVE-2020-22204 | SQL Injection vulnerability in Shopex Ecshop 2.7.6 SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. | 7.5 |
| 2021-06-16 | CVE-2020-22205 | SQL Injection vulnerability in Shopex Ecshop 3.0 SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php. | 7.5 |
| 2021-06-16 | CVE-2020-22206 | SQL Injection vulnerability in Shopex Ecshop 3.0 SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php. | 7.5 |
| 2010-05-25 | CVE-2010-2042 | SQL Injection vulnerability in Shopex Ecshop 2.7.2 SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. | 7.5 |