Filtered by vendor Collne
Subscriptions
Filtered by product Welcart E-commerce
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4828 | 1 Collne | 1 Welcart E-commerce | 2021-09-09 | 6.5 Medium |
| The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain access by leveraging knowledge of the e-mail address associated with an account. | ||||
| CVE-2016-4826 | 1 Collne | 1 Welcart E-commerce | 2021-09-09 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827. | ||||
| CVE-2016-4827 | 1 Collne | 1 Welcart E-commerce | 2021-08-31 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4826. | ||||
| CVE-2016-4825 | 1 Collne | 1 Welcart E-commerce | 2021-08-31 | 5.6 Medium |
| The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data. | ||||
| CVE-2020-28339 | 1 Collne | 1 Welcart E-commerce | 2021-07-21 | 8.8 High |
| The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. There is not a complete POP chain. | ||||