CVE-2024-44651

Medium CVSS: 6.5

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the recover_email parameter in user_password_recover.php.

Vendor

Product

CWE

Yayın Tarihi

2025-11-17 18:15:55

Güncelleme

2025-11-19 13:09:39

Source Identifier

cve@mitre.org

KEV Date Added

CWE-89 Ecommerce Website MEDIUM Kashipara 2025

https://github.com/leexsoyoung/CVEs/blob/main/CVE-2024-44651.md https://www.kashipara.com/project/php/322/ecommerce-website-in-php-with-source-code-download

Medium

CVE-2026-26464

Stored Cross-Site Scripting (XSS) was found in the /admin/edit_user.php page of Society Management System Portal V1.0, w…

Medium

CVE-2024-44653

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email parameter in user_login.php.

Medium

CVE-2024-44652

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email, username, user_firstname, user_lastna…

Medium

CVE-2024-46334

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the formuser and formpassword par…

Medium

CVE-2024-46336

kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /client_user/feedback.php.

Medium

CVE-2025-26158

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the manage-employee.php page of Kashipara Online Att…