16 matches found
CVE-2025-40701
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701 Reflected Cross-Site scripting (XSS) in SOTE's SOTESHOP
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701 Reflected Cross-Site scripting (XSS) in SOTE's SOTESHOP
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701
SOTESHOP 8.3.4 contains a Reflected XSS in /adsTracker/checkAds via the id parameter. An attacker can inject JS and run it in the victim’s browser, potentially stealing session cookies or acting on behalf of the user. CVSS 4.0 suggests 5.1 base score (MEDIUM) with network attack vector, low compl...
SOTESHOP Cross-Site Scripting Vulnerability
SOTESHOP is an online shopping system developed by SOTESHOP Corporation. Version SOTESHOP 8.3.4 contains a cross-site scripting vulnerability. This vulnerability stems from improper handling of the id parameter in adsTracker/checkAds, which may allow attackers to execute JavaScript code in the...
PT-2026-21512
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
EUVD-2025-5955
Malicious code in bioql PyPI...
CVE-2025-1776
Cross-Site Scripting (XSS) vulnerability in Soteshop, versions prior to 8.3.4, which could allow remote attackers to execute arbitrary code via the ‘query’ parameter in /app-google-custom-search/searchResults. This vulnerability can be exploited to steal sensitive user data, such as session cookies...
CVE-2025-1776
Cross-Site Scripting (XSS) vulnerability in Soteshop, versions prior to 8.3.4, which could allow remote attackers to execute arbitrary code via the ‘query’ parameter in /app-google-custom-search/searchResults. This vulnerability can be exploited to steal sensitive user data, such as session cookies...
CVE-2025-1776 Cross-Site Scripting (XSS) vulnerability in Soteshop
Cross-Site Scripting (XSS) vulnerability in Soteshop, versions prior to 8.3.4, which could allow remote attackers to execute arbitrary code via the ‘query’ parameter in /app-google-custom-search/searchResults. This vulnerability can be exploited to steal sensitive user data, such as session cookies...
CVE-2025-1776 Cross-Site Scripting (XSS) vulnerability in Soteshop
Cross-Site Scripting (XSS) vulnerability in Soteshop, versions prior to 8.3.4, which could allow remote attackers to execute arbitrary code via the ‘query’ parameter in /app-google-custom-search/searchResults. This vulnerability can be exploited to steal sensitive user data, such as session cookies...
CVE-2025-1776
CVE-2025-1776 concerns Soteshop before version 8.3.4, where the query parameter in /app-google-custom-search/searchResults is vulnerable to Cross-Site Scripting (XSS). The underlying issue allows an attacker to execute arbitrary code, potentially stealing sensitive data such as session cookies or...
PT-2025-9105 · Soteshop · Soteshop
Name of the Vulnerable Software and Affected Versions: Soteshop versions prior to 8.3.4. Description: A Cross-Site Scripting (XSS) issue exists, allowing remote attackers to execute arbitrary code via the query parameter in "/app-google-custom-search/searchResults". This can lead to the theft of...
SOTESHOP Cross-Site Scripting Vulnerability
SOTESHOP is an online store system from SOTESHOP Inc. A cross-site scripting vulnerability exists in SOTESHOP versions prior to 8.3.4. An attacker can exploit this vulnerability to remotely execute code...
efugi.pl Cross Site Request Forgery vulnerability
Open Bug Bounty ID: OBB-932592. Security Researcher metamorfosec (helped patch 1963 vulnerabilities, received 9 Coordinated Disclosure badges, received 31 recommendations), a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting efugi.pl website and i...