147 matches found
Online Shopping Portal html_table.php File Cross-Site Scripting Vulnerability
Online Shopping Portal is an online store system. Online Shopping Portal suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the scripts parameter of file...
CVE-2024-10754
CVE-2024-10754 | PHPGurukul Online Shopping Portal 2.0 suffers a cross-site scripting flaw in /admin/assets/plugins/DataTables/media/unit_testing/templates/dymanic_table.php. The issue stems from inadequate filtering/escaping of the scripts parameter, enabling remote exploitation. Exploit details...
CVE-2024-10753 PHPGurukul Online Shopping Portal dom_data_two_headers.php cross site scripting
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_two_headers.php. The manipulation of the argument scripts leads to cross...
CVE-2024-10744
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/complex_header_2.php. The manipulation of the argument scripts...
CVE-2024-10745 PHPGurukul Online Shopping Portal deferred_table.php cross site scripting
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/deferred_table.php. The manipulation of the argument scripts leads to...
CVE-2024-10745
PHPGurukul Online Shopping Portal 2.0 is affected. The vulnerable component is /admin/assets/plugins/DataTables/media/unit_testing/templates/deferred_table.php, where manipulation of the scripts parameter enables cross-site scripting. The issue can be triggered remotely, and public exploitation i...
CVE-2024-10744
CVE-2024-10744 affects PHPGurukul Online Shopping Portal 2.0, specifically the /admin/assets/plugins/DataTables/media/unit_testing/templates/complex_header_2.php functionality. The issue is a cross-site scripting flaw triggered by manipulating the scripts parameter, enabling remote exploitation. ...
CVE-2024-10743
CVE-2024-10743 affects PHPGurukul Online Shopping Portal 2.0, specifically the file /shopping/admin/assets/plugins/DataTables/examples/examples_support/editable_ajax.php. The vulnerability is a cross-site scripting (XSS) issue caused by manipulation of an argument value in an unknown function of ...
PT-2024-16516 · Unknown · Datatables +1
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 2.0 Description: A vulnerability was found in the PHPGurukul Online Shopping Portal, affecting unknown code of the file admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_two...
PT-2024-16509 · Unknown · Datatables +1
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 2.0 Description: A vulnerability was found in the PHPGurukul Online Shopping Portal, affecting some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit...
PT-2024-16510 · Unknown · Datatables +1
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 2.0 Description: A vulnerability has been identified in PHPGurukul Online Shopping Portal, affecting an unknown part of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom...
PT-2024-16508 · Unknown · Datatables +1
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 2.0 Description: A vulnerability was found in the PHPGurukul Online Shopping Portal, affecting an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/comple...
Cross Site Scripting (XSS)
CKAN is vulnerable to Cross-Site Scripting (XSS). The vulnerability is caused by the Datatables view plugin not properly escaping record data coming from the DataStore. This can lead to compromising confidentiality of the system...
GHSA-R3JC-VHF4-6V32 CKAN has Cross-site Scripting vector in the Datatables view plugin
The Datatables view plugin did not properly escape record data coming from the DataStore, leading to a potential XSS vector. Impact: Sites running CKAN >= 2.7.0 with the datatables_view plugin activated. This is a plugin included in CKAN core that is not activated by default, but it is widely used to...
CKAN has Cross-site Scripting vector in the Datatables view plugin
The Datatables view plugin did not properly escape record data coming from the DataStore, leading to a potential XSS vector. Impact: Sites running CKAN >= 2.7.0 with the datatables_view plugin activated. This is a plugin included in CKAN core that is not activated by default, but it is widely used to...
CVE-2024-41675
CKAN is an open-source data management system for powering data hubs and data portals. The Datatables view plugin did not properly escape record data coming from the DataStore, leading to a potential XSS vector. Affected: sites running CKAN >= 2.7.0 with the datatables_view plugin activated. This is a plugin...
CVE-2024-41675 CKAN has a Cross-site Scripting vector in the Datatables view plugin
CKAN is an open-source data management system for powering data hubs and data portals. The Datatables view plugin did not properly escape record data coming from the DataStore, leading to a potential XSS vector. Affected: sites running CKAN >= 2.7.0 with the datatables_view plugin activated. This is a plugin...
CVE-2024-41675
CKAN 2.7.0+ with the datatables_view plugin (a core CKAN component) is affected: the Datatables view failed to properly escape data from the DataStore, creating an XSS vector. The issue is fixed in CKAN 2.10.5 and 2.11.0. Affected sites should upgrade to one of these versions to remediate; the pl...