EUVD-2020-13460

Malware in sbrugna...

EUVD-2025-32190

Malicious code in bioql PyPI...

CVE-2025-56162

YOSHOP 2.0 suffers from an unauthenticated SQL injection in the goodsIds parameter of the /api/goods/listByIds endpoint. The getListByIds function concatenates user input into orderRaw'fieldgoodsid, ...', allowing attackers to: a enumerate or modify database data, including dumping admin password...

CVE-2025-56162

YOSHOP 2.0 suffers from an unauthenticated SQL injection in the goodsIds parameter of the /api/goods/listByIds endpoint. The getListByIds function concatenates user input into orderRaw'fieldgoodsid, ...', allowing attackers to: a enumerate or modify database data, including dumping admin password...

PT-2025-40400

Name of the Vulnerable Software and Affected Versions YOSHOP version 2.0 Description The software is susceptible to an unauthenticated SQL injection through the goodsIds parameter of the /api/goods/listByIds API endpoint. The getListByIds function improperly concatenates user-supplied input into ...

CVE-2025-5569

A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is...

CVE-2020-20675

Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/...

CVE-2020-20675

Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/...

CVE-2020-20675

Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/...

Nuishop SQL注入漏洞

Nuishop is an application software. An application shopping center system. Nuishop version 2.3 suffers from a SQL injection vulnerability that can be exploited by an attacker who can include "/goods/getGoodsListByConditions/" in...

pjtian.com XSS vulnerability

Open Bug Bounty ID: OBB-462242 Description| Value ---|--- Affected Website:| pjtian.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

tradeease.net XSS vulnerability

Open Bug Bounty ID: OBB-462077 Description| Value ---|--- Affected Website:| tradeease.net Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...

SQL Injection Vulnerability in DuoDuo Rebate System V8.3_UTF8 official version admin\mod\goods\list.act.php

DuoDuo rebate system is for e-commerce rebate, shopping guide to provide solutions, is the open source PHP rebate site system. DuoDuo rebate web system V8.3UTF8 official version admin\mod\goods\list.act.php SQL injection vulnerability. The vulnerability is due to the system failing to effectively...