Lucene search
MitreCVELIST:CVE-2015-3421HistoryJul 21, 2017 - 2:00 p.m.
CVE-2015-3421
2017-07-2114:00:00
mitre
www.cve.org
0.001 Low
EPSS
Percentile
30.9%
The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and earlier does not validate variables in the “eshopcart” HTTP cookie, which allows remote attackers to perform cross-site scripting (XSS) attacks, or a path disclosure attack via crafted variables named after target PHP variables.
Related
wpvulndb
wpvulndb
eShop <= 6.3.11 - Remote Code Execution
2015-05-06 00:00:00
securityvulns
securityvulns
Arbitrary Variable Overwrite in eShop WordPress Plugin
2015-05-11 00:00:00
cve
cve
CVE-2015-3421
2017-07-21 14:29:00
packetstorm
packetstorm
WordPress eShop 6.3.11 Code Execution
2015-05-06 00:00:00
htbridge
htbridge
Arbitrary Variable Overwrite in eShop WordPress Plugin
2015-04-15 00:00:00
nvd
nvd
CVE-2015-3421
2017-07-21 14:29:00
zdt
zdt
WordPress eShop 6.3.11 Code Execution Exploit
2015-05-06 00:00:00
prion
prion
Cross site scripting
2017-07-21 14:29:00