CyberSec.Space Logo
Back to CVE Browser

CVE-2020-23975

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.1250%
EPSS Percentile8.29th
PublishedAug 27, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter.

Affected Platforms (CPE)

πŸ“¦
Webexcels

Ecommerce Cms

= 2017
πŸ“¦
Webexcels

Ecommerce Cms

= 2018
πŸ“¦
Webexcels

Ecommerce Cms

= 2019
πŸ“¦
Webexcels

Ecommerce Cms

= 2020

References & Advisories

πŸ”— https://cxsecurity.com/issue/WLB-2020030174
πŸ”— https://packetstormsecurity.com/files/156948/Webexcels-Ecommerce-CMS-2.x-SQL-Injection-Cross-Site-Scripting.html
πŸ”— https://cxsecurity.com/issue/WLB-2020030174
πŸ”— https://packetstormsecurity.com/files/156948/Webexcels-Ecommerce-CMS-2.x-SQL-Injection-Cross-Site-Scripting.html

Related Vulnerabilities

CVE-2020-239769.8

Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter.

CVE-2020-239789.8

SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter " offerta.php"

CVE-2006-50966.8

Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...