abantecart/abantecart-src

GitHub

github.com

www.abantecart.com

Releases23

Frequency5 months 1 week

Last Release about 2 months ago

Stars150

AbanteCart is a free PHP based eCommerce solution for merchants to provide ability creating online business and sell products online quick and efficient. AbanteCart application is built and supported by experienced enthusiasts that are passionate about their work and contribution to rapidly evolving eCommerce industry. AbanteCart is more than just a shopping cart, it is rapidly growing eCommerce platform

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-50801 ↗	Oct 31, 2024Thursday, 31 October 2024, 19:15	6 MEDIUM	—
A SQL Injection vulnerability was discovered in AbanteCart 1.4.0 in the update() function in public_html/admin/controller/responses/listing_grid/collections.php. The vulnerability is exploitable via the id parameter.
CVE-2024-50802 ↗	Oct 31, 2024Thursday, 31 October 2024, 19:15	6 MEDIUM	—
A SQL Injection vulnerability was discovered in AbanteCart 1.4.0 in the update() function in public_html/admin/controller/responses/listing_grid/email_templates.php. The vulnerability is exploitable via the id parameter.
CVE-2021-42050 ↗	Dec 14, 2021Tuesday, 14 December 2021, 15:15	6.1 MEDIUM	4.3 MEDIUM
An issue was discovered in AbanteCart before 1.3.2. It allows DOM Based XSS.
CVE-2021-42051 ↗	Dec 14, 2021Tuesday, 14 December 2021, 15:15	5.4 MEDIUM	3.5 LOW
An issue was discovered in AbanteCart before 1.3.2. Any low-privileged user with file-upload permissions can upload a malicious SVG document that contains an XSS payload.