cbcvebase.

Enituretechnology Small Package Quotes Unishippers Edition vulnerabilities

3 known vulnerabilities affecting enituretechnology/small_package_quotes_unishippers_edition.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2025-24665P2CRITICALCVSS 9.3≤ 2.4.82025-01-27
CVE-2025-24665 [CRITICAL] CWE-89 CVE-2025-24665: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition allows SQL Injection.This issue affects Small Package Quotes – Unishippers Edition: from n/a through <= 2.4.8.
nvd
CVE-2025-26960P4MEDIUMCVSS 6.5≤ 2.4.92025-02-25
CVE-2025-26960 [MEDIUM] CWE-862 CVE-2025-26960: Missing Authorization vulnerability in enituretechnology Small Package Quotes – Unishippers Edition Missing Authorization vulnerability in enituretechnology Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Small Package Quotes – Unishippers Edition: from n/a through <= 2.4.9.
nvd
CVE-2025-26918P4MEDIUMCVSS 6.1≤ 2.4.92025-03-03
CVE-2025-26918 [MEDIUM] CWE-79 CVE-2025-26918: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition allows Reflected XSS.This issue affects Small Package Quotes – Unishippers Edition: from n/a through <= 2.4.9.
nvd
Enituretechnology Small Package Quotes Unishippers Edition vulnerabilities | cvebase