CVE-2018-25203

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

CVE-2018-25203

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

CVE-2018-25203 Online Store System CMS 1.0 SQL Injection via clientaccess

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

PT-2026-28240

Name of the Vulnerable Software and Affected Versions Online Store System CMS version 1.0 Description An SQL injection allows unauthenticated attackers to manipulate database queries. This is achieved by sending POST requests to the 'index.php' endpoint with the action parameter set to...

OpenSolution Quick.Cart 安全漏洞

OpenSolution Quick.Cart is an online store system developed by the Polish company OpenSolution. Version 6.7 of OpenSolution Quick.Cart contains a security vulnerability, which stems from storing user passwords in plaintext. This vulnerability could allow privileged attackers to access user...

OpenSolution Quick.Cart 授权问题漏洞

OpenSolution Quick.Cart is an online store system developed by the Polish company OpenSolution. Version 6.7 of OpenSolution Quick.Cart contains an authorization vulnerability. This vulnerability stems from the fact that session identifiers can be set before authentication and remain unchanged...

CVE-2019-8291

Online Store System v1.0 deletefile.php doesn't check to see if a user has administrative rights nor does it check for path traversal...

CVE-2019-8292

Online Store System v1.0 deleteproduct.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion...

Microweber Information Disclosure Vulnerability (CNVD-2023-32768)

Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images and more. A security vulnerability exists in Microweber versions prior to 1.3.4, which stems from...

Microweber 跨站脚本漏洞

Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A cross-site scripting vulnerability exists in Microweber versions prior to 1.3.3 that...

Microweber 跨站脚本漏洞

Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A cross-site scripting vulnerability exists in Microweber versions prior to 1.2.19. An...

Merchandise Online Store SQL Injection Vulnerability (CNVD-2022-40281)

Merchandise Online Store is a merchandise online store system. merchandise Online Store has a security vulnerability that can be exploited by attackers to conduct SQL injection via /vloggersmerch/classes/Master.php?f=deleteorder attack...

microweber 安全漏洞

Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. A logic flaw vulnerability exists in Microweber, which stems from an error in the business...

Microweber 跨站脚本漏洞

Microweber is an online store management system from the US Microweber community that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. Microweber has a cross-site scripting vulnerability, and no details of the vulnerability are available at this...

microweber 跨站脚本漏洞

Microweber is an online store management system from the US Microweber community that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. Microweber has a cross-site scripting vulnerability, and no details of the vulnerability are available at this...

SQL Injection Vulnerability in SEMCMS SCSHOP (CNVD-2021-38033)

SCSHOP is a self-developed open source online store btc system. SEMCMS SCSHOP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in SEMCMS SCSHOP (CNVD-2021-38032)

SCSHOP is a self-developed open source online store btc system. SEMCMS SCSHOP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

SQL Injection Vulnerability in SEMCMS SCSHOP (CNVD-2021-38040)

SCSHOP is a self-developed open source online store btc system. SEMCMS SCSHOP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

Unauthorized Access Vulnerability in SEMCMS

SEMCMS is a self-developed open source online store btc system. SEMCMS has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...

Command Execution Vulnerability in ecshop

ecshop is a B2C independent online store system, suitable for enterprises and individuals to quickly build a personalized online store. The system is based on PHP language and MYSQL database structure development of cross-platform open source program. There is a command execution vulnerability in...