Known Vulnerabilities for products from Peel
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Peel".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-41672 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-06-15 | 2022-06-23 |
| CVE-2021-37593 json | PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL que... | 9.1 - CRITICAL | 2021-07-30 | 2021-09-21 |
| CVE-2021-27190 json | A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly availabl... | 5.4 - MEDIUM | 2021-02-12 | 2021-12-07 |
| CVE-2019-20178 json | Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user. | 6.5 - MEDIUM | 2020-01-09 | 2023-11-07 |
| CVE-2018-1000887 json | Peel shopping peel-shopping_9_1_0 version contains a Cross Site Scripting (XSS) vulnerability that can result in an authentic... | 4.8 - MEDIUM | 2018-12-28 | 2021-02-22 |
| CVE-2018-20848 json | Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddie_ajout.php and en/achat/caddie_affichage.php, as demonstrated by an X... | 8.8 - HIGH | 2019-06-30 | 2021-02-22 |
| CVE-2012-5227 json | SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary ... | 7.5 - HIGH | 2012-10-01 | 2017-08-29 |
| CVE-2012-5226 json | Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote attackers to inject arbitrary w... | 4.3 - MEDIUM | 2012-10-01 | 2017-08-29 |
| CVE-2008-6892 json | SQL injection vulnerability in lire/index.php in Peel 3.1 allows remote attackers to execute arbitrary SQL commands via the r... | 7.5 - HIGH | 2009-08-03 | 2017-09-29 |
| CVE-2008-1507 json | PEEL, possibly 3.x and earlier, has (1) a default [email protected] account with password admin, and (2) a default [email protected]... | 7.5 - HIGH | 2008-03-25 | 2017-09-29 |
| CVE-2008-1506 json | PEEL, possibly 3.x and earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.p... | 5 - MEDIUM | 2008-03-25 | 2017-09-29 |
| CVE-2008-1496 json | Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and earlier, allow remote attackers to execute arbitrary SQL com... | 7.5 - HIGH | 2008-03-25 | 2017-09-29 |
| CVE-2008-1495 json | Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and earlier, allows remote authentic... | 6.5 - MEDIUM | 2008-03-25 | 2017-09-29 |
| CVE-2005-3572 json | SQL injection vulnerability in index.php in Peel 2.6 through 2.7 allows remote attackers to execute arbitrary SQL commands vi... | Not Provided | 2005-11-16 | 2025-04-03 |
| CVE-2002-2134 json | haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot parameter to reference a... | Not Provided | 2002-12-31 | 2025-04-03 |
Known software with vulnerabilities from Peel
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Peel | Peel Shopping | 2.8 |