6 matches found
CVE-2025-40701
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701 Reflected Cross-Site scripting (XSS) in SOTE's SOTESHOP
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...
CVE-2025-40701
SOTESHOP 8.3.4 contains a Reflected XSS in /adsTracker/checkAds via the id parameter. An attacker can inject JS and run it in the victim’s browser, potentially stealing session cookies or acting on behalf of the user. CVSS 4.0 suggests 5.1 base score (MEDIUM) with network attack vector, low compl...
SOTESHOP 跨站脚本漏洞
SOTESHOP is an online shopping system developed by SOTESHOP Corporation. Version SOTESHOP 8.3.4 contains a cross-site scripting vulnerability. This vulnerability stems from improper handling of the id parameter in adsTracker/checkAds, which may allow attackers to execute JavaScript code in the...
PT-2026-21512
Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's browser when a malicious URL with the 'id' parameter in '/adsTracker/checkAds' is sent to the victim. The vulnerability can be exploited to steal...