121 matches found
EUVD-2017-12727
Malware in sbrugna...
EUVD-2019-12507
Malware in sbrugna...
EUVD-2017-12732
Malware in sbrugna...
EUVD-2017-12723
Malware in sbrugna...
EUVD-2015-4791
Malware in sbrugna...
EUVD-2023-36113
Malicious code in bioql PyPI...
EUVD-2024-0752
Malicious code in bioql PyPI...
EUVD-2024-47639
Malicious code in bioql PyPI...
EUVD-2024-18585
Malicious code in bioql PyPI...
EUVD-2023-27044
Malicious code in bioql PyPI...
CVE-2025-48171
CVE-2025-48171 is a WordPress Cena Store vulnerability (versions
CVE-2025-54702
Cross-Site Request Forgery CSRF vulnerability in motov.net Ebook Store ebook-store allows Cross Site Request Forgery.This issue affects Ebook Store: from n/a through = 5.8013...
CVE-2025-7486 Ebook Store <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details
The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Order Details in all versions up to, and including, 5.8012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to...
CVE-2025-7486 Ebook Store <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details
The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Order Details in all versions up to, and including, 5.8012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to...
CVE-2025-49862
CVE-2025-49862 is a Stored Cross-Site Scripting vulnerability in the WordPress Ebook Store plugin (versions n/a through 5.8008) caused by improper input neutralization during web page generation. Affected products and version range are corroborated by NVD/Red Hat/Wordfence entries; Wordfence list...
CVE-2024-8008
A reflected cross-site scripting XSS vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser ...
CVE-2024-31651
A cross-site scripting XSS in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter...
CVE-2023-3681
A vulnerability classified as problematic was found in Campcodes Retro Cellphone Online Store 1.0. This vulnerability affects unknown code of the file /admin/modaladdproduct.php. The manipulation of the argument description leads to cross site scripting. The attack can be initiated remotely. The...
CVE-2021-29043
The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the S3 store's proxy password, which allows attackers to steal the proxy password via man-in-the-middl...
CVE-2020-28139
SourceCodester Online Clothing Store 1.0 is affected by a cross-site scripting XSS vulnerability via a Offer Detail field in offer.php...