SourceCodester SUP Online Shopping 代码注入漏洞

SourceCodester SUP Online Shopping is an open-source online shopping system developed by SourceCodester. Version 1.0 of SourceCodester SUP Online Shopping contains a code injection vulnerability. This vulnerability arises from improper handling of the productName parameter in the file...

CVE-2021-42193

nopCommerce 4.40.3 is vulnerable to XSS in the Product Name at /Admin/Product/Edit/id. Each time a user views the product in the shop, the XSS payload fires...

EUVD-2025-26362

Malicious code in bioql PyPI...

CVE-2021-42193

nopCommerce 4.40.3 is vulnerable to XSS in the Product Name at /Admin/Product/Edit/id. Each time a user views the product in the shop, the XSS payload fires...

EUVD-2021-29175

nopCommerce 4.40.3 is vulnerable to XSS in the Product Name at /Admin/Product/Edit/id. Each time a user views the product in the shop, the XSS payload fires...

CVE-2021-42193

nopCommerce 4.40.3 is vulnerable to XSS in the Product Name at /Admin/Product/Edit/id. Each time a user views the product in the shop, the XSS payload fires...

CVE-2025-9797

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...

expressCart 安全漏洞

expressCart is a shopping cart software by Mark Moffat Individual Developer. A security vulnerability exists in expressCart that stems from an injection attack due to a misuse of the file /admin/product/edit/...

CVE-2022-1686

The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id parameter before using it in a SQL statement when editing a product via the admin dashboard, leading to an SQL Injection...