2 results (0.004 seconds)
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45366
https://notcve.org/view.php?id=CVE-2024-45366
Welcart e-Commerce prior to 2.11.2 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the user's web browser. • https://www.welcart.com/archives/22581.html https://jvn.jp/en/jp/JVN19766555 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42404
https://notcve.org/view.php?id=CVE-2024-42404
SQL injection vulnerability in Welcart e-Commerce prior to 2.11.2 allows an attacker who can login to the product to obtain or alter the information stored in the database. • https://www.welcart.com/archives/22581.html https://jvn.jp/en/jp/JVN19766555 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •