Lucene search
K

5 matches found

Cvelist
Cvelist
added 2025/06/02 11:0 a.m.13 views

CVE-2025-47289 Stored XSS in CE Phoenix Cart Testimonials Allows Account Takeover if Missing HttpOnly Flag

CE Phoenix is a free, open-source eCommerce platform. A stored cross-site scripting XSS vulnerability was discovered in CE Phoenix versions 1.0.9.9 through 1.1.0.2 where an attacker can inject malicious JavaScript into the testimonial description field. Once submitted, if the shop owner admin...

6.3CVSS0.00219EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/02 11:0 a.m.13 views

CVE-2025-47289 Stored XSS in CE Phoenix Cart Testimonials Allows Account Takeover if Missing HttpOnly Flag

CE Phoenix is a free, open-source eCommerce platform. A stored cross-site scripting XSS vulnerability was discovered in CE Phoenix versions 1.0.9.9 through 1.1.0.2 where an attacker can inject malicious JavaScript into the testimonial description field. Once submitted, if the shop owner admin...

6.3CVSS5.4AI score0.00219EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.4 views

CE Phoenix Cart 访问控制错误漏洞

CE Phoenix Cart is a free, open source e-commerce shopping cart software from CE Phoenix Cart Open Source. An access control error vulnerability exists in CE Phoenix Cart versions prior to 1.0.9.7 through 1.1.0.3, which stems from a lack of password revalidation when deleting an account, which...

5.5CVSS6.6AI score0.00142EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.5 views

CE Phoenix Cart Security Vulnerability

CE Phoenix Cart is a free, open source e-commerce shopping cart software from CE Phoenix Cart Open Source. A security vulnerability exists in CE Phoenix Cart v1.0.8.20 and earlier versions, which stems from the presence of an HTML injection vulnerability. The vulnerability can be exploited by an...

4.8CVSS7.2AI score0.00813EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/02/16 12:0 a.m.4 views

CE Phoenix Cart Security Vulnerability

CE Phoenix Cart is a free, open source e-commerce shopping cart software from CE Phoenix Cart Open Source. A security vulnerability exists in CE Phoenix Cart v1.0.8.20, which originates from a Remote Code Execution RCE vulnerability in component /admin/definelanguage.php...

7.2CVSS7.3AI score0.27237EPSS
Exploits1References5
Rows per page
Query Builder