← Back

Ecommerce Website

ecommerce_website

Vendor: Codeastro • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-9237
1Codeastro
1Ecommerce Website
Apr 29, 2026
Aug 20, 2025
2.0 LOW· v4
5.4 MEDIUM· v3
4.0 MEDIUM· v2
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the arg...Show more
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used.Show less
CVE-2024-2351
1Codeastro
1Ecommerce Website
Feb 26, 2025
Mar 9, 2024
N/A· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argumen...Show more
A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument cat_id/brand_id/keyword leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256303.Show less