Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xstore_core
(8theme)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-17 | CVE-2024-33556 | Unrestricted Upload of File with Dangerous Type vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8. | Xstore_core | 9.8 | ||
| 2024-05-17 | CVE-2024-33552 | Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8. | Xstore_core | N/A | ||
| 2024-06-04 | CVE-2024-33557 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8. | Xstore_core | 8.8 | ||
| 2024-04-29 | CVE-2024-33551 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore Core allows SQL Injection.This issue affects XStore Core: from n/a through 5.3.5. | Xstore_core | 9.8 | ||
| 2024-04-29 | CVE-2024-33554 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core allows Reflected XSS.This issue affects XStore Core: from n/a through 5.3.5. | Xstore_core | 6.1 | ||
| 2024-04-29 | CVE-2024-33553 | Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5. | Xstore_core | 9.8 | ||
| 2024-04-29 | CVE-2024-33558 | Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5. | Xstore_core | 6.5 | ||
| 2024-06-09 | CVE-2024-33555 | Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8. | Xstore_core | 8.8 |