17 matches found
CVE-2019-20178
Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user...
EUVD-2018-13388
Malware in sbrugna...
EUVD-2019-10732
Malware in sbrugna...
CVE-2018-20848
Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddieajout.php and en/achat/caddieaffichage.php, as demonstrated by an XSS payload in the couleurId0 parameter to the latter...
PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection
Exploit Title: PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection Date: 2021-07-10 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.peel.fr Software Link: https://sourceforge.net/projects/peel-shopping/files/peel-shopping930.zip/download Version: prior to...
Advisto PEEL Shopping Cross-Site Request Forgery Vulnerability (CNVD-2020-02449)
Advisto PEEL SHOPPING is an open source e-commerce system based on PHP and MySQL. A cross-site request forgery vulnerability exists in Advisto PEEL Shopping version 9.2.1. The vulnerability stems from a web application that does not adequately validate that a request is coming from a trusted user...
CVE-2019-20178
Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user...
CVE-2019-20178
Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user...
Cross site request forgery (csrf)
Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user...
CVE-2019-20178
Advisto PEEL Shopping 9.2.1 is affected by a Cross-Site Request Forgery (CSRF) via administrer/utilisateurs.php that can be used to delete a user. The issue is described across multiple sources (e.g., NVD entry CVE-2019-20178 and Red Hat/CVE mirrors) as a CSRF vulnerability in the web application...
CVE-2019-20178
Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user...
Advisto PEEL SHOPPING Cross-Site Request Forgery Vulnerability
Advisto PEEL SHOPPING is an open source e-commerce system based on PHP and MySQL. A cross-site request forgery vulnerability exists in Advisto PEEL SHOPPING version 9.0.0. The vulnerability arises from a network system or product that does not adequately validate the origin or authenticity of dat...
CVE-2018-20848
Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddieajout.php and en/achat/caddieaffichage.php, as demonstrated by an XSS payload in the couleurId0 parameter to the latter...
CVE-2018-20848
Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddieajout.php and en/achat/caddieaffichage.php, as demonstrated by an XSS payload in the couleurId0 parameter to the latter...
Design/Logic Flaw
Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddieajout.php and en/achat/caddieaffichage.php, as demonstrated by an XSS payload in the couleurId0 parameter to the latter...
CVE-2018-20848
Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddieajout.php and en/achat/caddieaffichage.php, as demonstrated by an XSS payload in the couleurId0 parameter to the latter...
CVE-2018-20848
CVE-2018-20848 concerns Advisto PEEL SHOPPING 9.0.0. It describes a CSRF vulnerability exposed through en/achat/caddie_ajout.php and en/achat/caddie_affichage.php, demonstrated by an XSS payload in the couleurId[0] parameter to the latter. The vulnerability is documented across multiple sources (...