Vulnerabilities > Webexcels

DATE CVE VULNERABILITY TITLE RISK
2020-08-27 CVE-2020-23976 SQL Injection vulnerability in Webexcels Ecommerce CMS
Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter.
network
low complexity
webexcels CWE-89
critical
9.8
2020-08-27 CVE-2020-23975 Cross-site Scripting vulnerability in Webexcels Ecommerce CMS
Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter.
network
low complexity
webexcels CWE-79
6.1