59 matches found
CVE-2018-25371
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
EUVD-2018-21892
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
CVE-2018-25371
The CVE-2018-25371 entry concerns mooSocial Store Plugin 2.6 with a blind SQL injection in the product parameter of the URL rewrite functionality. The vulnerability allows unauthenticated attackers to manipulate queries, enabling boolean-based blind, time-based blind, or stacked query techniques ...
CVE-2018-25371 mooSocial Store Plugin 2.6 SQL Injection via product parameter
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
CVE-2018-25371 mooSocial Store Plugin 2.6 SQL Injection via product parameter
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
CVE-2018-25371
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
mooSocial Store Plugin SQL注入漏洞
mooSocial Store Plugin is a social e-commerce extension plugin from mooSocial. A SQL injection vulnerability exists in mooSocial Store Plugin version 2.6, which stems from a blind SQL injection via the product parameter in the URL rewriting feature, which could lead to database query manipulation...
PT-2026-35543
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete product. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the...
CVE-2026-30532
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/viewproduct.php file via the "id" parameter...
CVE-2026-30567
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...
WebOfisi E-Ticaret 跨站脚本漏洞
WebOfisi E-Ticaret is an e-commerce website building and management system provided by the Turkish company WebOfisi. Version 4.0 of WebOfisi E-Ticaret has a cross-site scripting vulnerability, which stems from insufficient input validation for the “product” parameter. This vulnerability may lead ...
PT-2026-26605
WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurar produto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the id produto GET parameter...
CVE-2026-2865
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of the file admin/productcontroller.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Product results in sql injection. The attack may be...
CVE-2026-2865 itsourcecode Agri-Trading Online Shopping System HTTP POST Request productcontroller.php sql injection
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of the file admin/productcontroller.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Product results in sql injection. The attack may be...
PT-2026-21368
Name of the Vulnerable Software and Affected Versions itsourcecode Agri-Trading Online Shopping System version 1.0 Description A flaw exists within the Agri-Trading Online Shopping System that allows for SQL injection. This issue stems from manipulating the Product argument within an HTTP POST...
itsourcecode Agri-Trading Online Shopping System SQL注入漏洞
itsourcecode Agri-Trading Online Shopping System is an open-source online shopping system developed by itsourcecode. Version 1.0 of the itsourcecode Agri-Trading Online Shopping System has a SQL injection vulnerability. This vulnerability arises from the handling of the Product parameter in the...
CVE-2025-41025
Stored Cross-Site Scripting XSS in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows: 'category' y 'product' parameters in '/farm/sellproduct.php'...
CVE-2025-41025
Stored Cross-Site Scripting XSS in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows: 'category' y 'product' parameters in '/farm/sellproduct.php'...
CVE-2025-41025
Stored Cross-Site Scripting XSS in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows: 'category' y 'product' parameters in '/farm/sellproduct.php'...
Poultry Farm Management System Cross-Site Scripting Vulnerability
Poultry Farm Management System is a fully functional poultry management system developed by Poultry Company. Version 1.0 of the Poultry Farm Management System contains a cross-site scripting vulnerability. This vulnerability arises from insufficient validation of user input for the category and...