Lucene search
+L

14 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-13389

Malware in sbrugna...

6.1CVSS6.3AI score0.00978EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/22 7:42 a.m.7 views

CVE-2018-20849

Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...

6.1CVSS5.9AI score0.00978EPSS
Exploits1References1
nvd
nvd
added 2019/06/30 7:15 p.m.17 views

CVE-2018-20849

Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...

6.1CVSS6AI score0.00978EPSS
Exploits1References1
osv
osv
added 2019/06/30 7:15 p.m.3 views

CVE-2018-20849

Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...

6.1CVSS5.8AI score0.00978EPSS
Exploits1References1
prion
prion
added 2019/06/30 7:15 p.m.15 views

Design/Logic Flaw

Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...

4.3CVSS5.9AI score0.00978EPSS
Exploits1References1Affected Software1
cve
cve
added 2019/06/30 6:15 p.m.45 views

CVE-2018-20849

Arastta eCommerce 1.6.2 is affected by CVE-2018-20849: a cross-site scripting (XSS) vulnerability exploitable via PATH_INFO to the login/ URI. The root cause is insufficient input validation leading to stored/reflective-like misuse of user-controlled data that can affect the login path. Documente...

6.1CVSS5.9AI score0.00978EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2019/06/30 6:15 p.m.23 views

CVE-2018-20849

Arastta eCommerce 1.6.2 is vulnerable to XSS via the PATHINFO to the login/ URI...

6AI score0.00978EPSS
Exploits1References1
cnvd
cnvd
added 2019/06/30 12:0 a.m.4 views

Arastta eCommerce Cross-Site Scripting Vulnerability

Arastta eCommerce is an open source eCommerce platform. A cross-site scripting vulnerability exists in Arastta eCommerce version 1.6.2. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute...

6.1CVSS6.4AI score0.00978EPSS
Exploits1References1
packetstorm
packetstorm
added 2018/05/03 12:0 a.m.19 views

Arastta 1.6.2 Cross Site Scripting

================================================= Synopsis: Arastta 1.6.2 xss vulnerability Product: Arastta eCommerce: Free Shopping Cart Version: 1.6.2 Researcher: Matt Landers [email protected] twitter.com/matthewjland https://mjlanders.org/ ================================================...

0.2AI score
Exploits0
zdt
zdt
added 2015/12/23 12:0 a.m.29 views

Arastta 1.1.5 - SQL Injection Vulnerability

Exploit for php platform in category web applications Security Advisory - Curesec Research Team 1. Introduction Affected Product: Arastta 1.1.5 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://arastta.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2015/12/23 12:0 a.m.24 views

Arastta 1.1.5 - SQL Injection

Arastta 1.1.5 - SQL Injection Security Advisory - Curesec Research Team 1. Introduction Affected Product: Arastta 1.1.5 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://arastta.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclose...

0.5AI score
Exploits0
packetstorm
packetstorm
added 2015/12/23 12:0 a.m.32 views

Arastta 1.1.5 SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Arastta 1.1.5 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://arastta.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to public: 12/21/2015 Releas...

0.5AI score
Exploits0
packetstorm
packetstorm
added 2015/12/23 12:0 a.m.31 views

Arastta 1.1.5 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Arastta 1.1.5 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://arastta.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to public: 12/21/2015 Release mode: Fu...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2015/12/23 12:0 a.m.37 views

Arastta 1.1.5 - SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Arastta 1.1.5 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://arastta.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to public: 12/21/2015 Releas...

7.4AI score
Exploits0
Rows per page
Query Builder