78 matches found
WordPress Order Tracking Plugin <= 3.3.6 is vulnerable to Cross Site Scripting (XSS)
Software Order Tracking Type Plugin Vulnerable versions = 3.3.6 Fixed in 3.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4471 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29d4142f0f03 Credits Marco Wotschka...
WordPress Order Tracking Plugin <= 3.3.6 is vulnerable to Cross Site Scripting (XSS)
Software Order Tracking Type Plugin Vulnerable versions = 3.3.6 Fixed in 3.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4500 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1251cfa80c41 Credits Marco Wotschka Required...
CVE-2022-4888
The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin before 1.0.2,...
PT-2023-15899 · WordPress · Checkout Fields Manager +12
Name of the Vulnerable Software and Affected Versions: Checkout Fields Manager WordPress plugin versions prior to 1.0.2 Abandoned Cart Recovery WordPress plugin versions prior to 1.2.5 Custom Fields for WooCommerce WordPress plugin versions prior to 1.0.4 Custom Order Number WordPress plugin...
CVE-2023-26859
SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component...
CVE-2023-26859
SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component...
PrestaShop SQL注入漏洞
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom and other features. A security vulnerability exists in PrestaShop sendinblue v.4.0.15 and earlier versions, whic...
PT-2023-20829 · Prestashop · Prestashop Sendinblue
Name of the Vulnerable Software and Affected Versions: PrestaShop sendinblue versions 4.0.15 and earlier Description: A SQL injection issue allows a remote attacker to gain privileges via the ajaxOrderTracking.php component. Recommendations: For PrestaShop sendinblue versions 4.0.15 and earlier,...
WordPress plugin 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress WooCommerce plugin cross-site scripting vulnerability
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress plugin WooCommerce prior to 1.1.10. The vulnerability stems from the fact that the WooCommerce WordPress plugin's order...
WordPress Order Tracking plugin <= 3.0.16 - Cross-Site Request Forgery (CSRF) leading to Order, Customer and Sales Representative Deletion
Cross-Site Request Forgery CSRF leading to Order, Customer and Sales Representative Deletion discovered in WordPress Order Tracking plugin versions = 3.0.16. Solution Update the WordPress Order Tracking plugin to the latest available version at least 3.0.17...
WordPress Order Tracking plugin <= 3.0.16 - Authenticated Arbitrary Plugin Settings Update vulnerability
Authenticated Arbitrary Plugin Settings Update vulnerability discovered in WordPress Order Tracking plugin versions = 3.0.16. Solution Update the WordPress Order Tracking plugin to the latest available version at least 3.0.17...
WordPress YITH WooCommerce Order Tracking plugin <=1.2.10 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability
Authenticated Settings Change YITH Plugin Framework =3.3.8 vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Order Tracking plugin versions =1.2.10. Solution Update the WordPress YITH WooCommerce Order Tracking plugin to the latest available version at least 1.2.11...
OpenCart 'updateAmazonOrderTracking' Function SQL Injection Vulnerability
OpenCart is an open source e-commerce system from OpenCart China . The system provides product reviews, product ratings, product additions and other modules. An SQL injection vulnerability exists in the 'updateAmazonOrderTracking' function in the upload/admin/model/openbay/amazon.php file in...
My Kazaam Notes Management System SQL Injection / Cross Site Scripting
Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: My Kazaam Notes Management System Multiple Vulnerability Vendor url:http://www.mykazaam.com Version:1 Published: 2010-07-11 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j. Special Greetz:...
My Kazaam Notes Management System - Multiple Vulnerabilities
Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: My Kazaam Notes Management System Multiple Vulnerability Vendor url:http://www.mykazaam.com Version:1 Published: 2010-07-11 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j. Special Greetz:...
My Kazaam Notes Management System - Multiple Vulnerabilities
My Kazaam Notes Management System - Multiple Vulnerabilities Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: My Kazaam Notes Management System Multiple Vulnerability Vendor url:http://www.mykazaam.com Version:1 Published: 2010-07-11 Greetz to:r0073r inj3ct0r.com, Sid3^effects,...
My Kazaam Notes Management System Multiple Vulnerability
Exploit for php platform in category web applications ======================================================== My Kazaam Notes Management System Multiple Vulnerability ======================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0...