Filtered by vendor Hhg-multistore
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46448 | 1 Hhg-multistore | 1 Multistore | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/customers.php?page=1&cID. | |||||
| CVE-2021-46447 | 1 Hhg-multistore | 1 Multistore | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in H.H.G Multistore v5.1.0 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the State parameter under the Address Book module. | |||||
| CVE-2021-46446 | 1 Hhg-multistore | 1 Multistore | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_access_group_edit&aagID. | |||||
| CVE-2021-46445 | 1 Hhg-multistore | 1 Multistore | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/categories.php?box_group_id. | |||||
| CVE-2021-46444 | 1 Hhg-multistore | 1 Multistore | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_group_edit&agID. | |||||