55 matches found
EUVD-2023-60560
Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the fromoption, fromctrl,...
CVE-2023-54364
Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the fromoption, fromctrl,...
CVE-2023-54364
Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the fromoption, fromctrl,...
CVE-2023-54364
Joomla HikaShop 4.7.4 is affected by a reflected XSS vulnerability in the product filter endpoint. The issue allows unauthenticated attackers to inject scripts via GET parameters (from_option, from_ctrl, from_task, from_itemid). Victims visiting a crafted link can have scripts executed, with pote...
CVE-2023-54364 Joomla HikaShop 4.7.4 Reflected XSS via Product Filter
Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the fromoption, fromctrl,...
CVE-2023-54364 Joomla HikaShop 4.7.4 Reflected XSS via Product Filter
Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the fromoption, fromctrl,...
Joomla HikaShop 跨站脚本漏洞
Joomla HikaShop is an open-source e-commerce website building and online store management extension developed by HikaShop. Version 4.7.4 of Joomla HikaShop contains a cross-site scripting vulnerability, which stems from improper handling of GET parameters. This vulnerability may lead to...
PT-2026-31731
Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter endpoint. Attackers can craft malicious URLs containing XSS payloads in the from option, from ctrl,...
EUVD-2015-7268
Malware in sbrugna...
EUVD-2025-4249
Malicious code in bioql PyPI...
EUVD-2025-6697
Malicious code in bioql PyPI...
EUVD-2024-38609
Malicious code in bioql PyPI...
CVE-2024-40746
A stored cross-site scripting XSS vulnerability in HikaShop Joomla Component 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload in the description parameter of any product. The description parameter is not sanitised in the...
CVE-2015-7344
HikaShop Joomla Component before 2.6.0 has XSS via an injected payload/caption...
CVE-2025-25225
A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers administrator to escalate their privileges to Super Admin Permissions...
CVE-2025-25225
A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers administrator to escalate their privileges to Super Admin Permissions...
CVE-2025-25225
A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers administrator to escalate their privileges to Super Admin Permissions...
CVE-2025-25225 Extension - hikashop.com - Privilege escalation vulnerability Hikashop component version 1.0.0 - 5.1.3 for Joomla
A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers administrator to escalate their privileges to Super Admin Permissions...
CVE-2025-25225 Extension - hikashop.com - Privilege escalation vulnerability Hikashop component version 1.0.0 - 5.1.3 for Joomla
A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers administrator to escalate their privileges to Super Admin Permissions...
CVE-2025-25225
CVE-2025-25225: Privilege-escalation in Hikashop for Joomla affects Hikashop component versions 1.0.0–5.1.3; authenticated administrators can escalate to Super Admin. Root cause and exploit details are not fully disclosed in all sources, but several advisories corroborate privilege escalation as ...