50 matches found

RedhatCVE
added 2025/12/31 1:7 p.m. · 4 views

CVE-2025-15248

A security flaw has been discovered in sunhailin12315 product-review 商品评价系统 up to 91ead6890b4065bb45b7602d0d73348e75cb4639. This affects an unknown part of the component Write a Review. Performing manipulation of the argument content results in cross site scripting. The attack is possible to be...

5.1 CVSS · 5.6 AI score · 0.00019 EPSS
Exploits: 0 · References: 1

EUVD
added 2025/12/30 3:30 p.m. · 2 views

EUVD-2025-205775

A security flaw has been discovered in sunhailin12315 product-review 商品评价系统 up to 91ead6890b4065bb45b7602d0d73348e75cb4639. This affects an unknown part of the component Write a Review. Performing manipulation of the argument content results in cross site scripting. The attack is possible to be...

5.1 CVSS · 5.2 AI score · 0.00019 EPSS
Exploits: 0 · References: 4

NVD
added 2025/12/30 1:16 p.m. · 2 views

CVE-2025-15248

A security flaw has been discovered in sunhailin12315 product-review 商品评价系统 up to 91ead6890b4065bb45b7602d0d73348e75cb4639. This affects an unknown part of the component Write a Review. Performing manipulation of the argument content results in cross site scripting. The attack is possible to be...

5.1 CVSS · 0.00019 EPSS
Exploits: 0 · References: 3

CVE
added 2025/12/30 12:32 p.m. · 6 views

CVE-2025-15248

The CVE-2025-15248 entry concerns sunhailin12315 product-review 商品评价系统’s Write a Review component. The vulnerability is a cross-site scripting flaw triggered by manipulating the content argument, enabling remote exploitation. A PoC/public exploit exists. The affected version set is up to 91ead689...

5.1 CVSS · 5.3 AI score · 0.00019 EPSS
Exploits: 0 · References: 3

Cvelist
added 2025/12/30 12:32 p.m. · 23 views

CVE-2025-15248 sunhailin12315 product-review 商品评价系统 Write a Review cross site scripting

A security flaw has been discovered in sunhailin12315 product-review 商品评价系统 up to 91ead6890b4065bb45b7602d0d73348e75cb4639. This affects an unknown part of the component Write a Review. Performing manipulation of the argument content results in cross site scripting. The attack is possible to be...

5.1 CVSS · 0.00019 EPSS
Exploits: 0 · References: 3

Vulnrichment
added 2025/12/30 12:32 p.m. · 3 views

CVE-2025-15248 sunhailin12315 product-review 商品评价系统 Write a Review cross site scripting

A security flaw has been discovered in sunhailin12315 product-review 商品评价系统 up to 91ead6890b4065bb45b7602d0d73348e75cb4639. This affects an unknown part of the component Write a Review. Performing manipulation of the argument content results in cross site scripting. The attack is possible to be...

5.1 CVSS · 5.3 AI score · 0.00019 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2025/12/30 12:0 a.m. · 3 views

PT-2025-54174

Name of the Vulnerable Software and Affected Versions: sunhailin12315 product-review 商品评价系统 versions up to 91ead6890b4065bb45b7602d0d73348e75cb4639 Description: A security flaw exists in the sunhailin12315 product-review 商品评价系统. The issue is related to cross site scripting, which can be triggered b...

5.1 CVSS · 6.2 AI score · 0.00019 EPSS
Exploits: 0 · References: 6

CNNVD
added 2025/12/30 12:0 a.m. · 2 views

product-review code injection vulnerability

product-review is a product review system by the individual developer sunhailin12315. A code injection vulnerability exists in product-review, which stems from the incorrect manipulation of the parameter content in the component Write a Review, which could lead to a cross-site scripting attack...

5.1 CVSS · 4.8 AI score · 0.00019 EPSS
Exploits: 0 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2021-1658

Malware in sbrugna...

7.5 CVSS · 7.5 AI score · 0.00215 EPSS
Exploits: 0 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-27502

Malicious code in bioql PyPI...

6.1 CVSS · 4.8 AI score · 0.0041 EPSS
Exploits: 2 · References: 5

CNNVD
added 2025/09/22 12:0 a.m. · 3 views

CubeCart security vulnerability

CubeCart is an e-commerce software from CubeCart Open Source. A security vulnerability exists in CubeCart versions prior to 6.5.11, which stems from a product review feature that does not properly clean up user input and could lead to a cross-site scripting attack...

5.4 CVSS · 5.9 AI score · 0.00029 EPSS
Exploits: 1 · References: 3

RedhatCVE
added 2025/05/23 9:57 a.m. · 7 views

CVE-2024-2553

A vulnerability, which was classified as problematic, was found in SourceCodester Product Review Rating System 1.0. Affected is an unknown function of the component Rate Product Handler. The manipulation of the argument Your Name/Comment leads to cross site scripting. It is possible to launch the...

6.1 CVSS · 6.2 AI score · 0.0041 EPSS
Exploits: 2 · References: 1

RedhatCVE
added 2025/05/23 9:39 a.m. · 9 views

CVE-2024-27499

Bagisto v1.5.1 is vulnerable to cross-site scripting (XSS) via PNG file upload in the product review option...

6.5 CVSS · 6.8 AI score · 0.00063 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/04/25 7:23 p.m. · 13 views

CVE-2021-4455

The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server whic...

9.8 CVSS · 8 AI score · 0.00571 EPSS
Exploits: 0

Cvelist
added 2025/04/19 7:23 a.m. · 17 views

CVE-2021-4455 Wordpress Plugin Smart Product Review <= 1.0.4 - Unauthenticated Arbitrary File Upload

The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server whic...

9.8 CVSS · 0.00571 EPSS
Exploits: 0 · References: 2

CNNVD
added 2025/04/19 12:0 a.m. · 1 views

WordPress plugin Smart Product Review code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...

9.8 CVSS · 9.1 AI score · 0.00571 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2025/04/19 12:0 a.m. · 4 views

PT-2025-17369 · WordPress · Smart Product Review

Name of the Vulnerable Software and Affected Versions: Smart Product Review plugin for WordPress versions up to, and including, 1.0.4 Description: The Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation. This makes it possible for...

9.8 CVSS · 9.8 AI score · 0.00571 EPSS
Exploits: 0 · References: 9

Vulnrichment
added 2024/12/27 12:0 a.m. · 6 views

CVE-2024-50945

An improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submit reviews without verifying if they have purchased the product...

6.8 AI score · 0.04996 EPSS
Exploits: 0 · References: 3

OSV
added 2024/05/29 6:50 p.m. · 6 views

GHSA-65V7-WG35-2QPM Sylius Resource Bundle Cross-Site Request Forgery vulnerability

Sylius 1.0.0 to 1.0.16, 1.1.0 to 1.1.8, 1.2.0 to 1.2.1 versions of AdminBundle and ResourceBundle are affected by this security issue. This issue has been fixed in Sylius 1.0.17, 1.1.9 and 1.2.2. Development branch for 1.3 release has also been fixed. Description: The following actions in the admi...

6.5 CVSS · 6.9 AI score
Exploits: 0 · References: 4

NVD
added 2024/03/17 4:15 a.m. · 6 views

CVE-2024-2553

A vulnerability, which was classified as problematic, was found in SourceCodester Product Review Rating System 1.0. Affected is an unknown function of the component Rate Product Handler. The manipulation of the argument Your Name/Comment leads to cross site scripting. It is possible to launch the...

6.1 CVSS · 3.7 AI score · 0.0041 EPSS
Exploits: 2 · References: 5