Webkul: Security Vulnerabilities
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.
CVSS Score
6.1
EPSS Score
0.087
Published
2023-05-11
Webkul krayin crm before 1.2.2 is vulnerable to Cross Site Scripting (XSS).
CVSS Score
6.1
EPSS Score
0.006
Published
2022-06-21
In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
CVSS Score
8.8
EPSS Score
0.014
Published
2019-09-18
Bagisto 0.1.5 allows CSRF under /admin URIs.
CVSS Score
8.8
EPSS Score
0.006
Published
2019-08-11
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVSS Score
5.0
EPSS Score
0.14
Published
2010-05-03
Page 6