Lucene search
K

78 matches found

Patchstack
Patchstack
added 2023/08/29 12:0 a.m.13 views

WordPress Order Tracking Plugin <= 3.3.6 is vulnerable to Cross Site Scripting (XSS)

Software Order Tracking Type Plugin Vulnerable versions = 3.3.6 Fixed in 3.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4471 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29d4142f0f03 Credits Marco Wotschka...

6.1CVSS5.6AI score0.00466EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/08/29 12:0 a.m.12 views

WordPress Order Tracking Plugin <= 3.3.6 is vulnerable to Cross Site Scripting (XSS)

Software Order Tracking Type Plugin Vulnerable versions = 3.3.6 Fixed in 3.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4500 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1251cfa80c41 Credits Marco Wotschka Required...

4.8CVSS5.8AI score0.003EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/07/31 10:15 a.m.4 views

CVE-2022-4888

The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin before 1.0.2,...

6.5CVSS5.8AI score0.00269EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/07/31 12:0 a.m.7 views

PT-2023-15899 · WordPress · Checkout Fields Manager +12

Name of the Vulnerable Software and Affected Versions: Checkout Fields Manager WordPress plugin versions prior to 1.0.2 Abandoned Cart Recovery WordPress plugin versions prior to 1.2.5 Custom Fields for WooCommerce WordPress plugin versions prior to 1.0.4 Custom Order Number WordPress plugin...

6.5CVSS8.8AI score0.00269EPSS
Exploits2References5
OSV
OSV
added 2023/07/26 2:15 p.m.3 views

CVE-2023-26859

SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component...

9.8CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/07/26 2:15 p.m.2 views

CVE-2023-26859

SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component...

9.8CVSS7.3AI score0.00624EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.5 views

PrestaShop SQL注入漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom and other features. A security vulnerability exists in PrestaShop sendinblue v.4.0.15 and earlier versions, whic...

9.8CVSS8.5AI score0.00624EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.5 views

PT-2023-20829 · Prestashop · Prestashop Sendinblue

Name of the Vulnerable Software and Affected Versions: PrestaShop sendinblue versions 4.0.15 and earlier Description: A SQL injection issue allows a remote attacker to gain privileges via the ajaxOrderTracking.php component. Recommendations: For PrestaShop sendinblue versions 4.0.15 and earlier,...

9.8CVSS9.9AI score0.00624EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.8 views

WordPress plugin 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

6.5CVSS6.9AI score0.00269EPSS
Exploits2References2
CNVD
CNVD
added 2022/01/26 12:0 a.m.25 views

WordPress WooCommerce plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress plugin WooCommerce prior to 1.1.10. The vulnerability stems from the fact that the WooCommerce WordPress plugin's order...

4.3CVSS1.3AI score0.00887EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2022/01/06 12:0 a.m.7 views

WordPress Order Tracking plugin <= 3.0.16 - Cross-Site Request Forgery (CSRF) leading to Order, Customer and Sales Representative Deletion

Cross-Site Request Forgery CSRF leading to Order, Customer and Sales Representative Deletion discovered in WordPress Order Tracking plugin versions = 3.0.16. Solution Update the WordPress Order Tracking plugin to the latest available version at least 3.0.17...

2.7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2022/01/06 12:0 a.m.5 views

WordPress Order Tracking plugin <= 3.0.16 - Authenticated Arbitrary Plugin Settings Update vulnerability

Authenticated Arbitrary Plugin Settings Update vulnerability discovered in WordPress Order Tracking plugin versions = 3.0.16. Solution Update the WordPress Order Tracking plugin to the latest available version at least 3.0.17...

3.8AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2019/10/31 12:0 a.m.16 views

WordPress YITH WooCommerce Order Tracking plugin <=1.2.10 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability

Authenticated Settings Change YITH Plugin Framework =3.3.8 vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Order Tracking plugin versions =1.2.10. Solution Update the WordPress YITH WooCommerce Order Tracking plugin to the latest available version at least 1.2.11...

4.3CVSS3.2AI score0.00948EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/09/04 12:0 a.m.3 views

OpenCart 'updateAmazonOrderTracking' Function SQL Injection Vulnerability

OpenCart is an open source e-commerce system from OpenCart China . The system provides product reviews, product ratings, product additions and other modules. An SQL injection vulnerability exists in the 'updateAmazonOrderTracking' function in the upload/admin/model/openbay/amazon.php file in...

7.2CVSS7.6AI score0.0141EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2010/07/13 12:0 a.m.30 views

My Kazaam Notes Management System SQL Injection / Cross Site Scripting

Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: My Kazaam Notes Management System Multiple Vulnerability Vendor url:http://www.mykazaam.com Version:1 Published: 2010-07-11 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j. Special Greetz:...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/10 12:0 a.m.48 views

My Kazaam Notes Management System - Multiple Vulnerabilities

Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: My Kazaam Notes Management System Multiple Vulnerability Vendor url:http://www.mykazaam.com Version:1 Published: 2010-07-11 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j. Special Greetz:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/07/10 12:0 a.m.31 views

My Kazaam Notes Management System - Multiple Vulnerabilities

My Kazaam Notes Management System - Multiple Vulnerabilities Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: My Kazaam Notes Management System Multiple Vulnerability Vendor url:http://www.mykazaam.com Version:1 Published: 2010-07-11 Greetz to:r0073r inj3ct0r.com, Sid3^effects,...

0.4AI score
Exploits0
0day.today
0day.today
added 2010/07/10 12:0 a.m.27 views

My Kazaam Notes Management System Multiple Vulnerability

Exploit for php platform in category web applications ======================================================== My Kazaam Notes Management System Multiple Vulnerability ======================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0...

7.1AI score
Exploits0
Rows per page
Query Builder