25 matches found
CVE-2025-10969
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13004
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13002
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS.This issue affects E-Commerce Package: through 27112025...
CVE-2025-10969
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13004
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13004
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...
CVE-2025-10969
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...
CVE-2025-13004
CVE-2025-13004 involves the Farktor Software E-Commerce Package. Affected: E-Commerce Package (through 27112025). Vulnerability: Authorization Bypass Through User-Controlled Key by manipulating user-controlled variables. Root cause: inadequate validation/verification of keys or variables enabling...
CVE-2025-13004
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...
CVE-2025-13004 IDOR in Farktor Software's E-Commerce Package
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...
CVE-2025-13004 IDOR in Farktor Software's E-Commerce Package
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025...
CVE-2025-13002
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...
CVE-2025-13002
CVE-2025-13002 concerns an XSS in Farktor Software’s E-Commerce Package (E-Commerce Services Inc.). The issue arises from Improper Neutralization of Input During Web Page Generation and affects versions up to 27112025. The CVSS‑3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H with a base score o...
CVE-2025-13002 XSS in Farktor Software's E-Commerce Package
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...
CVE-2025-13002 XSS in Farktor Software's E-Commerce Package
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS. This issue affects E-Commerce Package: through 27112025...
CVE-2025-10969
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...
CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...
CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection. This issue affects E-Commerce Package: through 27112025...
CVE-2025-10969
CVE-2025-10969 is a SQL Injection vulnerability in Farktor Software E-Commerce Package (through 27112025). The issue arises from improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. CVSS v3.1 base score is 9.8 (CRITICAL) with NETWORK attack vector, no privile...
Farktor E-Commerce Package 安全漏洞
Farktor E-Commerce Package is an e-commerce platform developed by the Turkish company Farktor. The Farktor E-Commerce Package versions 27112025 and earlier have a security vulnerability. This vulnerability stems from bypassing authorization through the user control key, which may lead to...