Vulnerabilities > Webkul > Bagisto > 0.1.5

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-36236 Cross-site Scripting vulnerability in Webkul Bagisto
Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file uplad.
network
low complexity
webkul CWE-79
4.8
4.8
2019-08-11 CVE-2019-14933 Cross-Site Request Forgery (CSRF) vulnerability in Webkul Bagisto 0.1.5
Bagisto 0.1.5 allows CSRF under /admin URIs.
network
low complexity
webkul CWE-352
8.8
8.8