Vulnerabilities > Welcart > Welcart E Commerce > 2.8.17

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-43493 SQL Injection vulnerability in Welcart E-Commerce
SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information.
network
low complexity
welcart CWE-89
4.9
4.9
2023-09-27 CVE-2023-43610 SQL Injection vulnerability in Welcart E-Commerce
SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations.
network
low complexity
welcart CWE-89
8.8
8.8
2023-09-27 CVE-2023-43614 Cross-site Scripting vulnerability in Welcart E-Commerce
Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.
network
low complexity
welcart CWE-79
6.1
6.1