19 matches found
CVE-2023-4548
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filterbrandid leads to SQL injection. It is possible to initiate the attack remotely...
EUVD-2023-28445
Malicious code in bioql PyPI...
PT-2025-27319 · Code Projects · Code-Projects Inventory Management System
Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0. Description: A critical vulnerability has been found in the code-projects Inventory Management System, affecting an unknown functionality of the file /php_action/removeBrand.php. The...
CVE-2025-6668
Code-projects Inventory Management System 1.0 contains a SQL injection in /php_action/fetchSelectedBrand.php via the brandId parameter. The issue is exploitable remotely and has public disclosure, with impact on confidentiality, integrity, and availability as described in multiple sources. No con...
Code-Projects Inventory Management System Injection Vulnerability
Inventory Management System is an inventory management system. It contains a SQL injection vulnerability caused by a lack of validation of externally supplied input used in SQL statements, via the brandId parameter in the file /php_action/fetchSelectedBrand.php. An attacke...
PT-2025-26908 · Code Projects · Code-Projects Inventory Management System
Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0. Description: A critical issue has been found in the code-projects Inventory Management System. The problem affects the /php_action/fetchSelectedBrand.php file, where the manipulation of th...
CVE-2023-24389
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in brandiD Social Proof (Testimonial) Slider plugin <= 2.2.3 versions...
SPA-Cart eCommerce CMS Cross-Site Scripting Vulnerability
SPA-Cart eCommerce CMS is a CMS system from SPA-Cart. A cross-site scripting vulnerability exists in SPA-Cart eCommerce CMS version 1.9.0.3, which stems from the parameters filterbrandid/filterprice in the file /search and can lead to cross-site scripting...
SPA-Cart eCommerce CMS SQL Injection Vulnerability
SPA-Cart eCommerce CMS is a CMS system from SPA-Cart. A SQL injection vulnerability exists in SPA-Cart eCommerce CMS version 1.9.0.3, which stems from the parameter filterbrandid in the file /search and can lead to SQL injection...
CVE-2023-24389
CVE-2023-24389 is a stored cross-site scripting vulnerability in the brandiD Social Proof (Testimonial) Slider WordPress plugin, affecting versions
CVE-2023-24389 WordPress Social Proof (Testimonial) Slider Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in brandiD Social Proof (Testimonial) Slider plugin <= 2.2.3 versions...
PT-2023-19550 · WordPress · Brandid Social Proof (Testimonial) Slider
Name of the Vulnerable Software and Affected Versions: brandiD Social Proof (Testimonial) Slider plugin versions <= 2.2.3. Description: The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with admin+ privileges can inject malicious scrip...
replicashop.ru XSS vulnerability
Open Bug Bounty ID: OBB-620110

Description | Value
---|---
Affected Website: | replicashop.ru
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
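DaMall Mall System httphandler/getdata.ashx SQL Injection Vulnerability
0x01 Framework introduction: Mall website building: damall is a multi-function mall site-building system that supports the B2C2C and O2O models... The DaMall mall site-building system is developed on the powerful .NET enterprise platform and is compatible with the business characteristics and extension requirements of multiple industries and models. Official homepage: http://www.bg68.com 0x02 Vulnerability details: Vulnerable page: http://mall.bg68.com/httphandler/getdata.ashx, parameter brandid. Some user cases: http://mall.hicay.com/httphandler/getdata.ashx http://w16.cxecs.com/httphandler/getdata.ash...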
Fashione E-Commerce Webshop SQL Injection
Exploit Title: Fashione E-Commerce Webshop Multiple SQL Injection Vulnerabilities Date: 2010-09-19 Author: secret Contact: [email protected] / ICQ: 17-33-77 Site: swissfaking.net/board Software Link: http://www.fashione.co.uk/ Version: All...