Known Vulnerabilities for products from Webkul
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Webkul".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-38532 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-38530 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-38529 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-38527 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-38526 json | Not Provided | 2026-04-14 | 2026-04-14 | |
| CVE-2026-5370 json | Not Provided | 2026-04-02 | 2026-04-02 | |
| CVE-2026-4175 json | Not Provided | 2026-03-16 | 2026-03-17 | |
| CVE-2025-29009 json | Not Provided | 2025-07-16 | 2026-04-01 | |
| CVE-2023-51210 json | 9.8 - CRITICAL | 2024-01-23 | 2024-01-29 | |
| CVE-2023-39147 json | An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted ima... | 7.8 - HIGH | 2023-08-01 | 2023-08-04 |
| CVE-2023-37636 json | A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary w... | 5.4 - MEDIUM | 2023-10-23 | 2023-10-30 |
| CVE-2023-36289 json | An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user... | 6.1 - MEDIUM | 2023-06-23 | 2023-06-29 |
| CVE-2023-36288 json | An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user... | 5.4 - MEDIUM | 2023-06-23 | 2023-06-29 |
| CVE-2023-36287 json | An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user... | 6.1 - MEDIUM | 2023-06-23 | 2023-06-29 |
| CVE-2023-36284 json | An unauthenticated Time-Based SQL injection found in Webkul QloApps 1.6.0 via GET parameter date_from, date_to, and id_produc... | 7.5 - HIGH | 2023-06-23 | 2023-06-30 |
| CVE-2023-36235 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2024-01-17 | 2024-01-24 |
| CVE-2023-33570 json | Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI). | 8.8 - HIGH | 2023-06-28 | 2023-07-10 |
| CVE-2023-30256 json | Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information v... | 6.1 - MEDIUM | 2023-05-11 | 2023-05-24 |
| CVE-2023-2925 json | A vulnerability, which was classified as problematic, was found in Webkul krayin crm 1.2.4. This affects an unknown part of t... | 5.4 - MEDIUM | 2023-05-27 | 2023-11-07 |
| CVE-2021-41924 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-06-21 | 2022-06-28 |
Known software with vulnerabilities from Webkul
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Webkul | Bagisto | 0.1.0 |