Lucene search
K

121 matches found

Packet Storm
Packet Storm
added 2024/07/25 12:0 a.m.286 views

Multi Store Inventory Management System 1.0 Insecure Direct Object Reference

==================================================================================================================================== | Title : Multi Store Inventory Management System v1.0 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0....

7.4AI score
Exploits0
NVD
NVD
added 2024/04/02 5:15 p.m.14 views

CVE-2024-3151

A vulnerability, which was classified as problematic, was found in Bdtask Multi-Store Inventory Management System up to 20240325. Affected is an unknown function of the file /stockmovment/stockmovment/delete/ of the component Stock Movement Page. The manipulation leads to cross-site request...

5CVSS4.6AI score0.00388EPSS
Exploits1References4
NVD
NVD
added 2024/03/27 9:15 p.m.14 views

CVE-2024-2998

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...

5.4CVSS3.3AI score0.00546EPSS
Exploits1References4
OSV
OSV
added 2024/03/27 9:15 p.m.6 views

CVE-2024-2998

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...

5.4CVSS3.5AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/03/27 8:31 p.m.15 views

CVE-2024-2998 Bdtask Multi-Store Inventory Management System Store Update Page cross site scripting

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...

3.3CVSS6AI score0.00546EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/03/27 8:31 p.m.17 views

CVE-2024-2998 Bdtask Multi-Store Inventory Management System Store Update Page cross site scripting

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Store Update Page. The manipulation of the argument Store Name/Store Address leads to cross site...

3.3CVSS3.7AI score0.00546EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/03/27 8:31 p.m.14 views

CVE-2024-2997 Bdtask Multi-Store Inventory Management System cross site scripting

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument Category Name/Model Name/Brand Name/Unit Name leads to cross site scripting...

3.3CVSS6.1AI score0.01215EPSS
Exploits6References4
CVE
CVE
added 2024/03/27 8:31 p.m.68 views

CVE-2024-2997

CVE-2024-2997 affects the Bdtask Multi-Store Inventory Management System (up to 20240320). The vulnerability is a cross-site scripting flaw triggered by manipulating the arguments Category Name, Model Name, Brand Name, or Unit Name, allowing remote exploitation and arbitrary script execution with...

5.4CVSS3.2AI score0.01215EPSS
Exploits6References4Affected Software1
Cvelist
Cvelist
added 2024/03/27 8:31 p.m.17 views

CVE-2024-2997 Bdtask Multi-Store Inventory Management System cross site scripting

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument Category Name/Model Name/Brand Name/Unit Name leads to cross site scripting...

3.3CVSS3.8AI score0.01215EPSS
Exploits6References4
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.5 views

PT-2024-23172 · Unknown · Bdtask Multi-Store Inventory Management System

Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System versions up to 20240320 Description: A vulnerability was found in the system, affecting an unknown functionality. The manipulation of the Category Name, Model Name, Brand Name, or Unit Name...

5.4CVSS3.2AI score0.01215EPSS
Exploits6References11
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.4 views

Inventory Management System 跨站脚本漏洞

Inventory Management System is an inventory management system for stemword individual developers. A cross-site scripting vulnerability exists in Bdtask Multi-Store Inventory Management System 20240320 and prior versions, which stems from a cross-site scripting XSS vulnerability in the component...

5.4CVSS3.8AI score0.00546EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.4 views

PT-2024-23175 · Unknown · Bdtask Multi-Store Inventory Management System

Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System versions up to 20240320 Description: A problematic issue was found in the Store Update Page component of the Bdtask Multi-Store Inventory Management System. The manipulation of the Store Name and...

5.4CVSS3.3AI score0.00546EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.5 views

Inventory Management System 安全漏洞

Inventory Management System is an inventory management system for stemword individual developers. A security vulnerability exists in Bdtask Multi-Store Inventory Management System 20240320 and earlier versions, which stems from a cross-site scripting XSS vulnerability in the component Page Title...

4.8CVSS3.6AI score0.00519EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.4 views

PT-2024-23169 · Unknown · Bdtask Multi-Store Inventory Management System

Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System versions up to 20240320 Description: A vulnerability was found in the Page Title Handler component of the system, which can lead to cross-site scripting. The manipulation can be launched remotely...

4.8CVSS3.3AI score0.00519EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/03/03 12:0 a.m.3 views

Bdtask Isshue Cross-Site Scripting Vulnerability

Bdtask Isshue is a multi-store eCommerce shopping cart software from Bdtask Inc. A cross-site scripting vulnerability exists in Bdtask Isshue Multi Store eCommerce Shopping Cart Solution version 4.0, which stems from /dashboard/Cinvoice/manageinvoice containing an unknown section in the component...

3.3CVSS6.2AI score0.00483EPSS
Exploits0References4
Prion
Prion
added 2023/06/05 2:15 p.m.16 views

Cross site scripting

The WP Multi Store Locator WordPress plugin through 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

4.9CVSS5.3AI score0.00444EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/05 1:39 p.m.9 views

CVE-2023-0152 WP Multi Store Locator <= 2.4 - Contributor+ Stored XSS

The WP Multi Store Locator WordPress plugin through 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.8AI score0.00444EPSS
Exploits2References1
CVE
CVE
added 2023/06/05 1:39 p.m.60 views

CVE-2023-0152

CVE-2023-0152 affects the WP Multi Store Locator WordPress plugin (versions

5.4CVSS5.5AI score0.00444EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/05 12:0 a.m.7 views

PT-2023-16041 · WordPress · Wp Multi Store Locator

Name of the Vulnerable Software and Affected Versions: WP Multi Store Locator WordPress plugin versions prior to 2.5 Description: The issue concerns the WP Multi Store Locator WordPress plugin, which does not properly validate and escape certain shortcode attributes. This could allow users with t...

5.4CVSS8.3AI score0.00444EPSS
Exploits2References4
Patchstack
Patchstack
added 2023/05/15 12:0 a.m.14 views

WordPress WP Multi Store Locator Plugin <= 2.4.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Multi Store Locator Type Plugin Vulnerable versions = 2.4.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0152 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID dcc1d96fdaf2 Credits Lana Codes...

5.4CVSS5.6AI score0.00444EPSS
Exploits2References5Affected Software1
Rows per page
Query Builder