Vulnerabilities > Webkul > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-18 | CVE-2019-16403 | Authorization Bypass Through User-Controlled Key vulnerability in Webkul Bagisto In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers. | 6.5 |
| 2019-08-11 | CVE-2019-14933 | Cross-Site Request Forgery (CSRF) vulnerability in Webkul Bagisto 0.1.5 Bagisto 0.1.5 allows CSRF under /admin URIs. | 6.8 |
| 2010-05-03 | CVE-2010-1659 | Path Traversal vulnerability in Webkul COM Ultimateportfolio 1.0 Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |