Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/02/13 1:22 p.m.5 views

CVE-2025-10969

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection.This issue affects E-Commerce Package: through 27112025...

9.8CVSS5.7AI score0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/13 1:22 p.m.6 views

CVE-2025-13004

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables.This issue affects E-Commerce Package: through 27112025...

6.3CVSS5.4AI score0.00254EPSS
Exploits0References1
OSV
OSV
added 2026/02/12 2:16 p.m.7 views

CVE-2025-13002

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS.This issue affects E-Commerce Package: through 27112025...

6.1CVSS5.8AI score0.00215EPSS
Exploits0References1
OSV
OSV
added 2026/02/12 2:16 p.m.5 views

CVE-2025-10969

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection.This issue affects E-Commerce Package: through 27112025...

9.8CVSS5.8AI score0.00345EPSS
Exploits0References1
OSV
OSV
added 2026/02/12 2:16 p.m.4 views

CVE-2025-13004

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables.This issue affects E-Commerce Package: through 27112025...

6.3CVSS5.8AI score0.00254EPSS
Exploits0References1
NVD
NVD
added 2026/02/12 2:16 p.m.4 views

CVE-2025-13004

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...

6.3CVSS0.00254EPSS
Exploits0References2
NVD
NVD
added 2026/02/12 2:16 p.m.6 views

CVE-2025-10969

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...

9.8CVSS0.00345EPSS
Exploits0References2
CVE
CVE
added 2026/02/12 1:12 p.m.12 views

CVE-2025-13004

CVE-2025-13004 involves the Farktor Software E-Commerce Package. Affected: E-Commerce Package (through 27112025). Vulnerability: Authorization Bypass Through User-Controlled Key by manipulating user-controlled variables. Root cause: inadequate validation/verification of keys or variables enabling...

6.3CVSS5.8AI score0.00254EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/12 1:12 p.m.6 views

CVE-2025-13004

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...

6.3CVSS5.8AI score0.00254EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/12 1:12 p.m.7 views

CVE-2025-13004 IDOR in Farktor Software's E-Commerce Package

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...

6.3CVSS5.8AI score0.00254EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/12 1:12 p.m.25 views

CVE-2025-13004 IDOR in Farktor Software's E-Commerce Package

Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...

6.3CVSS0.00254EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/12 12:57 p.m.5 views

CVE-2025-13002

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...

8.2CVSS5.8AI score0.00215EPSS
Exploits0References3
CVE
CVE
added 2026/02/12 12:57 p.m.12 views

CVE-2025-13002

CVE-2025-13002 concerns an XSS in Farktor Software’s E-Commerce Package (E-Commerce Services Inc.). The issue arises from Improper Neutralization of Input During Web Page Generation and affects versions up to 27112025. The CVSS‑3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H with a base score o...

8.2CVSS5.8AI score0.00215EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/12 12:57 p.m.6 views

CVE-2025-13002 XSS in Farktor Software's E-Commerce Package

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...

8.2CVSS5.8AI score0.00215EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/12 12:57 p.m.27 views

CVE-2025-13002 XSS in Farktor Software's E-Commerce Package

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...

8.2CVSS0.00215EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/12 12:50 p.m.4 views

CVE-2025-10969

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...

9.8CVSS5.6AI score0.00345EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/12 12:50 p.m.4 views

CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...

9.8CVSS5.6AI score0.00345EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/12 12:50 p.m.28 views

CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...

9.8CVSS0.00345EPSS
Exploits0References2
CVE
CVE
added 2026/02/12 12:50 p.m.13 views

CVE-2025-10969

CVE-2025-10969 is a SQL Injection vulnerability in Farktor Software E-Commerce Package (through 27112025). The issue arises from improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. CVSS v3.1 base score is 9.8 (CRITICAL) with NETWORK attack vector, no privile...

9.8CVSS5.6AI score0.00345EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.11 views

Farktor E-Commerce Package 安全漏洞

Farktor E-Commerce Package is an e-commerce platform developed by the Turkish company Farktor. The Farktor E-Commerce Package versions 27112025 and earlier have a security vulnerability. This vulnerability stems from bypassing authorization through the user control key, which may lead to...

6.3CVSS5.7AI score0.00254EPSS
Exploits0References1
Rows per page
Query Builder