9 matches found
EUVD-2021-29039
Malicious code in bioql PyPI...
EUVD-2025-14314
Malicious code in bioql PyPI...
EUVD-2021-29038
Malicious code in bioql PyPI...
PT-2025-34807 · Unknown · Abantecart
Name of the Vulnerable Software and Affected Versions: AbanteCart version 1.4.2. Description: A directory traversal issue exists in AbanteCart version 1.4.2 that allows unauthenticated attackers to access sensitive system files. This is achieved by manipulating the template parameter within the...
CVE-2024-50801
A SQL Injection vulnerability was discovered in AbanteCart 1.4.0 in the update function in publichtml/admin/controller/responses/listinggrid/collections.php. The vulnerability is exploitable via the id parameter...
CVE-2021-42051
An issue was discovered in AbanteCart before 1.3.2. Any low-privileged user with file-upload permissions can upload a malicious SVG document that contains an XSS payload...
CVE-2025-40626
Reflected Cross-Site Scripting (XSS) vulnerability in AbanteCart v1.4.0 that could allow an attacker to execute JavaScript code in a victim's browser by sending the victim a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform...
CVE-2025-40627 Reflected Cross-Site Scripting (XSS) in AbanteCart
Reflected Cross-Site Scripting (XSS) vulnerability in AbanteCart v1.4.0 that could allow an attacker to execute JavaScript code in a victim's browser by sending the victim a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform...
CVE-2025-40627
CVE-2025-40627 affects AbanteCart v1.4.0. It describes a Reflected Cross‑Site Scripting (XSS) vulnerability in the /eyes? endpoint that lets an attacker deliver JavaScript to a victim’s browser, potentially stealing session cookies or acting on behalf of the user. The vulnerability is documented ...