Approved changes feed: RSS · Atom

cpe:2.3:a:oscommerce:ce_phoenix:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorOscommerce (098fcb3a-981f-5eec-92bc-f7a3c45bbae2)
ProductCe Phoenix (1c17f020-1ff4-5c30-af5b-7f4227111bb2)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/ce-phoenixcart/phoenixcart purl2cpe 2026-06-01 10:12:48.791173
pkg:github/gburton/ce-phoenix purl2cpe 2026-06-01 10:12:48.791177

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-26521 vulnerable 2026-06-08 06:31:26.475104 Details available
HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted payload to the english.php component.
Published: 2024-03-12T00:00:00.000Z
Updated: 2024-08-27T20:13:50.048Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-25415 vulnerable 2026-06-08 06:31:22.914303 Details available
A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows attackers to execute arbitrary PHP code via injecting a crafted payload into the file english.php.
Published: 2024-02-16T00:00:00.000Z
Updated: 2024-08-28T20:04:01.539Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.