Vulnerabilities > Welcart > Welcart E Commerce > 2.8.17
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-27 | CVE-2023-43493 | SQL Injection vulnerability in Welcart E-Commerce SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information. | 4.9 |
2023-09-27 | CVE-2023-43610 | SQL Injection vulnerability in Welcart E-Commerce SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations. | 8.8 |
2023-09-27 | CVE-2023-43614 | Cross-site Scripting vulnerability in Welcart E-Commerce Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script. | 6.1 |