collne inc.

Top products

The 12 most recently published vulnerabilities affecting collne inc..

• CVE-2023-50847WordPress Welcart e-Commerce Plugin <= 2.9.3 is vulnerable to SQL Injection7.6Dec 28, 2023
• CVE-2023-43614Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.6.1Sep 26, 2023
• CVE-2023-43610SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended data...8.8Sep 26, 2023
• CVE-2023-43493SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information.4.9Sep 26, 2023
• CVE-2023-43484Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.6.1Sep 26, 2023
• CVE-2023-41962Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page.6.1Sep 26, 2023
• CVE-2023-41233Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.6.1Sep 26, 2023
• CVE-2023-40532Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain partial information of the files on the web server.4.3Sep 26, 2023
• CVE-2023-40219Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory.7.2Sep 26, 2023
• CVE-2023-22705WordPress Welcart e-Commerce Plugin <= 2.8.10 is vulnerable to Cross Site Scripting (XSS)7.1Mar 29, 2023
• CVE-2022-41840WordPress Welcart eCommerce plugin <= 2.7.7 - Unauth. Directory Traversal vulnerability7.5Nov 18, 2022
• CVE-2021-20734Cross-site scripting vulnerability in Welcart e-Commerce versions prior to 2.2.4 allows remote attackers to inject arbitrary script or HTML via unspecified vectors.6.1Jun 22, 2021