6 matches found
CVE-2026-14769
The CVE-2026-14769 entry concerns code-projects Real State Services 1.0. A vulnerability in processing the file /pay.php allows manipulation of the Bankname parameter that leads to a SQL injection. The issue appears to be exploitable remotely and public exploit details are available. Metrics indi...
PT-2026-39974
The Slek Gateway for WooCommerce plugin for WordPress is vulnerable to Information Exposure in version 1.0. This is due to the wsb handle slek payment redirect function placing the merchant's slek key and slek secret API credentials directly into a client-side HTML form, and additionally embeddin...
CVE-2024-38469
zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting XSS vulnerability via the $search parameter at /pay.php...
CVE-2024-38469
zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting XSS vulnerability via the $search parameter at /pay.php...
The vulnerability of the CASAP Automated Enrollment System software lies in its lack of measures to protect the SQL query structure, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the CASAP Automated Enrollment System lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information through the parameter “id...
SQL injection vulnerability in the climit parameter of the admin_pay.php page of the Ocean CMS system
Ocean CMS is an open source website builder. A SQL injection vulnerability exists in the Ocean CMS adminpay.php page. The lack of filtering of the climit parameter allows attackers to exploit the vulnerability to obtain sensitive database information...