3 matches found
CVE-2025-10317 Multiple Cross-Site Request Forgery in Quick.Cart
Quick.Cart is vulnerable to Cross-Site Request Forgery in product creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request creating a malicious product with content defined by the attacker. This software does not...
OpenSolution Quick.Cart 跨站请求伪造漏洞
OpenSolution Quick.Cart is an online store system from OpenSolution Poland. A cross-site request forgery vulnerability exists in OpenSolution Quick.Cart version 6.7, which stems from a lack of cross-site request forgery protection in the product creation functionality that could lead to the...
CVE-2025-57204
Stocky POS with Inventory Management & HRM ui-lib version 5.0 is affected by a Stored Cross-Site Scripting XSS vulnerability within the Products module available to authenticated users. The vulnerability resides in the product name parameter submitted to the product-creation endpoint via a standa...