Php Multivendor Ecommerce

php_multivendor_ecommerce

Vendor: Php Multivendor Ecommerce Project • 11 CVEs

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-17960 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
CVE-2017-17959 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.
CVE-2017-17958 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter.
CVE-2017-17957 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.
CVE-2017-17956 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the admin/sellerupd.php companyname parameter.
CVE-2017-17955 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the shopping-cart.php cusid parameter.
CVE-2017-17954 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter.
CVE-2017-17953 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php chid1 parameter.
CVE-2017-17952 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address.
CVE-2017-17951 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 28, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.
CVE-2017-17624 1Php Multivendor Ecommerce Project 1Php Multivendor Ecommerce May 13, 2026 Dec 13, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.