php_multivendor_ecommerce_project CVE Vulnerabilities & Metrics

Focus on php_multivendor_ecommerce_project vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About php_multivendor_ecommerce_project Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with php_multivendor_ecommerce_project. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total php_multivendor_ecommerce_project CVEs: 11
Earliest CVE date: 13 Dec 2017, 09:29 UTC
Latest CVE date: 28 Dec 2017, 18:29 UTC

Latest CVE reference: CVE-2017-17960

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical php_multivendor_ecommerce_project CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 5.75

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	0
4.0-6.9	7
7.0-8.9	4
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS php_multivendor_ecommerce_project CVEs

These are the five CVEs with the highest CVSS scores for php_multivendor_ecommerce_project, sorted by severity first and recency.

CVE-2017-17959 php_multivendor_ecommerce_project Published on 28 Dec 2017, 18:29 UTC (CVSS: 7.5)
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.
CVE-2017-17957 php_multivendor_ecommerce_project Published on 28 Dec 2017, 18:29 UTC (CVSS: 7.5)
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.
CVE-2017-17951 php_multivendor_ecommerce_project Published on 28 Dec 2017, 18:29 UTC (CVSS: 7.5)
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.
CVE-2017-17624 php_multivendor_ecommerce_project Published on 13 Dec 2017, 09:29 UTC (CVSS: 7.5)
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.
CVE-2017-17960 php_multivendor_ecommerce_project Published on 28 Dec 2017, 18:29 UTC (CVSS: 6.8)
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.

All CVEs for php_multivendor_ecommerce_project

CVE-2017-17960 php_multivendor_ecommerce_project vulnerability CVSS: 6.8 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.

CVE-2017-17959 php_multivendor_ecommerce_project vulnerability CVSS: 7.5 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.

CVE-2017-17958 php_multivendor_ecommerce_project vulnerability CVSS: 4.3 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter.

CVE-2017-17957 php_multivendor_ecommerce_project vulnerability CVSS: 7.5 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.

CVE-2017-17956 php_multivendor_ecommerce_project vulnerability CVSS: 4.3 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the admin/sellerupd.php companyname parameter.

CVE-2017-17955 php_multivendor_ecommerce_project vulnerability CVSS: 4.3 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the shopping-cart.php cusid parameter.

CVE-2017-17954 php_multivendor_ecommerce_project vulnerability CVSS: 4.3 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter.

CVE-2017-17953 php_multivendor_ecommerce_project vulnerability CVSS: 4.3 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php chid1 parameter.

CVE-2017-17952 php_multivendor_ecommerce_project vulnerability CVSS: 5.0 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address.

CVE-2017-17951 php_multivendor_ecommerce_project vulnerability CVSS: 7.5 28 Dec 2017, 18:29 UTC

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.

CVE-2017-17624 php_multivendor_ecommerce_project vulnerability CVSS: 7.5 13 Dec 2017, 09:29 UTC

PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.