Webkul Bagisto 1.5.1
Approved changes feed: RSS · Atom
cpe:2.3:a:webkul:bagisto:1.5.1:*:*:*:*:*:*:*
part: a version: 1.5.1 update: *
| Vendor | Webkul (08ad6940-8efb-5f93-af42-cb470e3ac46e) |
|---|---|
| Product | Bagisto (c027c149-cff7-5719-8b92-91afba0e0481) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:bitbucket/zaid1102/bagisto |
purl2cpe | 2026-06-01 10:12:35.207257 |
pkg:github/bagisto/bagisto |
purl2cpe | 2026-06-01 10:12:35.207258 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-27499 |
vulnerable | 2026-06-08 06:31:28.999684 |
Details available
Bagisto v1.5.1 is vulnerable for Cross site scripting(XSS) via png file upload vulnerability in product review option.
Published: 2024-03-01T00:00:00.000Z
Updated: 2025-08-11T15:56:16.331Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-36238 |
vulnerable | 2026-06-08 06:06:28.663645 |
Details available
Insecure Direct Object Reference (IDOR) in Bagisto v.1.5.1 allows an attacker to obtain sensitive information via the invoice ID parameter.
Published: 2024-03-13T00:00:00.000Z
Updated: 2024-12-04T21:05:46.475Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33570 |
vulnerable | 2026-06-08 06:06:23.289525 |
Details available
Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI).
Published: 2023-06-28T00:00:00.000Z
Updated: 2024-11-27T16:34:15.704Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.