Vulnerabilities > Shopex > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-29 | CVE-2023-5293 | Unspecified vulnerability in Shopex Ecshop 4.1.5 A vulnerability, which was classified as critical, was found in ECshop 4.1.5. | 6.5 |
| 2023-08-04 | CVE-2023-39112 | Improper Authentication vulnerability in Shopex Ecshop 4.1.16 ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel. | 6.5 |
| 2021-06-28 | CVE-2020-20640 | Cross-site Scripting vulnerability in Shopex Ecshop 4.0 Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability. | 6.1 |