📦 Ecshop

CVE-2021-43679 is a critical SQL injection vulnerability in ECShop v2.7.3's API client component that allows attackers to execute arbitrary SQL commands. This affects all ECShop v2.7.3 installations u...

This vulnerability allows attackers to execute arbitrary SQL commands through the id parameter in ECShop 3.0's admin/shophelp.php file. This affects all ECShop 3.0 installations with the vulnerable ad...

ECShop 4.1.0 contains a SQL injection vulnerability that allows attackers to execute arbitrary SQL commands through crafted inputs. This can lead to unauthorized access to sensitive database informati...

Ecshop 3.6 contains a cross-site scripting (XSS) vulnerability in the article_cat.php file that allows attackers to inject malicious scripts into web pages. This affects all users of Ecshop 3.6 who ac...