Vulnerabilities (CVE)

Filtered by vendor Shopex Subscribe

Filtered by product Ecshop

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-43679	1 Shopex	1 Ecshop	2021-12-03	7.5 HIGH	9.8 CRITICAL
ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api.php.
CVE-2020-22204	1 Shopex	1 Ecshop	2021-06-21	7.5 HIGH	9.8 CRITICAL
SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. .
CVE-2020-22206	1 Shopex	1 Ecshop	2021-06-21	7.5 HIGH	9.8 CRITICAL
SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php.
CVE-2020-22205	1 Shopex	1 Ecshop	2021-06-21	7.5 HIGH	9.8 CRITICAL
SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php.