CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-23975

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.1250%
EPSS Percentile8.29th
Published2020年8月27日
Last Modified2024年11月21日

Vulnerability Description

Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter.

Affected Platforms (CPE)

📦
Webexcels

Ecommerce Cms

= 2017
📦
Webexcels

Ecommerce Cms

= 2018
📦
Webexcels

Ecommerce Cms

= 2019
📦
Webexcels

Ecommerce Cms

= 2020

References & Advisories

🔗 https://cxsecurity.com/issue/WLB-2020030174
🔗 https://packetstormsecurity.com/files/156948/Webexcels-Ecommerce-CMS-2.x-SQL-Injection-Cross-Site-Scripting.html
🔗 https://cxsecurity.com/issue/WLB-2020030174
🔗 https://packetstormsecurity.com/files/156948/Webexcels-Ecommerce-CMS-2.x-SQL-Injection-Cross-Site-Scripting.html

相关漏洞威胁

CVE-2020-239769.8

Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter.

CVE-2020-239789.8

SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter " offerta.php"

CVE-2006-50966.8

Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...