iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User...
8.8CVSS
8.6AI Score
0.001EPSS
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId...
9.8CVSS
8.6AI Score
0.002EPSS
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId...
9.8CVSS
8.6AI Score
0.002EPSS
iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User...
6.1CVSS
6.2AI Score
0.001EPSS
iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin...
4.8CVSS
6.2AI Score
0.001EPSS
iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin...
7.2CVSS
8.6AI Score
0.001EPSS
8.8CVSS
7.4AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party...
6.3AI Score
0.007EPSS
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type...
9.3AI Score
0.006EPSS