Filtered by vendor Shopex
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-39112 | 1 Shopex | 1 Ecshop | 2023-08-08 | N/A | 6.5 MEDIUM |
| ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel. | |||||
| CVE-2020-20640 | 1 Shopex | 1 Ecshop | 2021-07-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability. | |||||