Vulnerabilities > Welcart > Welcart E Commerce > 1.0.5

DATE CVE VULNERABILITY TITLE RISK
2016-06-25 CVE-2016-4825 Improper Input Validation vulnerability in Welcart E-Commerce
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data.
network
high complexity
welcart CWE-20
5.6
5.6
2015-12-29 CVE-2015-7791 SQL Injection vulnerability in Welcart E-Commerce
Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) search[column] or (2) switch parameter.
network
low complexity
welcart CWE-89
6.3
6.3