Ol-Commerce Project Ol-Commerce vulnerabilities
2 known vulnerabilities affecting ol-commerce_project/ol-commerce.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2014-5104P3HIGHCVSS 7.5PoCv2.1.12014-07-28
CVE-2014-5104 [HIGH] CWE-89 CVE-2014-5104: Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitr
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) a_country parameter in a process action to affiliate_signup.php, (2) affiliate_banner_id parameter to affiliate_show_banner.php, (3) country parameter in a process action to create_account.php, or (4) entry_country_id parameter
nvd
CVE-2014-5105P4MEDIUMCVSS 4.3v2.1.12014-07-28
CVE-2014-5105 [MEDIUM] CWE-79 CVE-2014-5105: Multiple cross-site scripting (XSS) vulnerabilities in ol-commerce 2.1.1 allow remote attackers to i
Multiple cross-site scripting (XSS) vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) a_country parameter in a process action to affiliate_signup.php or (2) entry_country_id parameter in an edit action to admin/create_account.php.
nvd