ShopeX/ECShop

Ecshop 3.6 is vulnerable to Cross Site Scripting (XSS) via ecshop/article_cat.php.

ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api.php.