6 matches found
EUVD-2025-12241
Malicious code in bioql PyPI...
CVE-2025-52074
PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a product to the cart...
CVE-2025-52074
PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a product to the cart...
GHSA-94WQ-87G6-8H77 Magento Open Source allows Cross-Site Request Forgery (CSRF)
Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier and 2.3.7p1 and earlier are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to a customer's cart by an unauthenticated attacker. Acces...
CSRF forgery protection bypass in solidus_frontend
Impact: CSRF vulnerability that allows a malicious site to add an item to the user's cart without their knowledge. All solidus_frontend versions are affected. If you're using your own storefront, please, follow along to make sure you're not affected. To reproduce the issue: - Pick the id for a...
CVE-2021-39864 Adobe Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Cart Addition
Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier and 2.3.7p1 and earlier are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to...