5 matches found
CVE-2025-28094
shopxo v6.4.0 has a ssrf/xss vulnerability in multiple places...
CVE-2025-28094
creationtimestamp| type| source ---|---|--- 2025-03-28 22:28:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9492 2025-03-29 00:26:44+00:00| seen| https://t.me/cvedetector/21471...
CVE-2025-28094
shopxo v6.4.0 has a ssrf/xss vulnerability in multiple places...
CVE-2025-28094
shopxo v6.4.0 has a ssrf/xss vulnerability in multiple places...
CVE-2025-28094
ShopXO v6.4.0 is reported to have Server-Side Request Forgery (SSRF) and Cross‑Site Scripting (XSS) vulnerabilities across multiple locations. The consolidated sources indicate insufficient input validation/sanitization as the likely root cause, enabling unauthorized requests and script injection...