CVE-2023-4548

A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filterbrandid leads to sql injection. It is possible to initiate the attack remotely...

SPA-CART CMS 跨站脚本漏洞

SPA-CART CMS is a content management system for Oleg Individual Developers. A cross-site scripting vulnerability exists in SPA-CART CMS version 1.9.0.3, which stems from the presence of stored cross-site scripting in the product description parameter that could lead to the execution of arbitrary...

CVE-2023-43148

SPA-Cart 1.9.0.3 has a Cross Site Request Forgery CSRF vulnerability that allows a remote attacker to delete all accounts...

CVE-2023-43148

SPA-Cart 1.9.0.3 has a Cross Site Request Forgery CSRF vulnerability that allows a remote attacker to delete all accounts...

CVE-2023-43149

SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery CSRF that allows a remote attacker to add an admin user with role status...

SPA-Cart eCommerce CMS Cross-Site Request Forgery Vulnerability

SPA-Cart eCommerce CMS is a CMS system from SPA-Cart Inc. A security vulnerability exists in SPA-Cart eCommerce CMS version 1.9.0.3 that stems from the presence of a cross-site request forgery CSRF vulnerability. An attacker can exploit the vulnerability to delete all accounts...

SPA-Cart eCommerce CMS Cross-Site Request Forgery Vulnerability

SPA-Cart eCommerce CMS is a CMS system from SPA-Cart Inc. A security vulnerability exists in SPA-Cart eCommerce CMS version 1.9.0.3 that stems from the presence of a cross-site request forgery CSRF vulnerability. An attacker can exploit the vulnerability to add an administrator user with role...

PT-2023-28718 · Spa-Cart · Spa-Cart

Name of the Vulnerable Software and Affected Versions: SPA-Cart version 1.9.0.3 Description: The issue allows a remote attacker to delete all accounts due to a Cross Site Request Forgery CSRF vulnerability. Recommendations: For SPA-Cart version 1.9.0.3, at the moment, there is no information abou...

SPA-Cart eCommerce CMS 跨站脚本漏洞

SPA-Cart eCommerce CMS is a CMS system from SPA-Cart. A cross-site scripting vulnerability exists in SPA-Cart eCommerce CMS version 1.9.0.3, which stems from the parameter filterbrandid/filterprice in the file /search can lead to cross-site scripting...

SPA-Cart eCommerce CMS SQL注入漏洞

SPA-Cart eCommerce CMS is a CMS system from SPA-Cart. A SQL injection vulnerability exists in SPA-Cart eCommerce CMS version 1.9.0.3, which stems from the parameter filterbrandid in the file /search that can lead to sql injection...

PT-2023-29563 · Unknown · Spa-Cart Ecommerce Cms

Name of the Vulnerable Software and Affected Versions: SPA-Cart eCommerce CMS version 1.9.0.3 Description: A critical vulnerability has been found in the GET Parameter Handler component of the /search file. The manipulation of the filterbrandid argument leads to SQL injection. This issue can be...

openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-234)

This update brings the mozilla-xulrunner190 engine to version 1.9.0.3, fixing a number of bugs and security problems : MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped B...