
14 matches found

RedhatCVE
added 2026/06/05 7:15 p.m. · 11 views

CVE-2026-46408

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the checkout endpoint accepts a user-controlled cartid and uses it to enter the payment flow without verifying cart ownership. A logged-in attacker can therefore reuse another...

CVSS 7.6 · AI score 5.5 · EPSS 0.002
Exploits: 0 · References: 1

NVD
added 2026/05/15 7:17 p.m. · 38 views

CVE-2026-46408

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the checkout endpoint accepts a user-controlled cartid and uses it to enter the payment flow without verifying cart ownership. A logged-in attacker can therefore reuse another...

CVSS 7.6 · EPSS 0.002
Exploits: 0 · References: 1

CNNVD
added 2026/05/15 12:00 a.m. · 7 views

Vvveb Security Vulnerability

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.3 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the checkout endpoint accepted...

CVSS 7.6 · AI score 5.8 · EPSS 0.002
Exploits: 0 · References: 1

Vulnrichment
added 2026/03/11 5:52 p.m. · 2 views

CVE-2026-31867 Craft Commerce has a Potential IDOR in Commerce carts

Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.11.0 and 5.6.0, an Insecure Direct Object Reference (IDOR) vulnerability exists in Craft Commerce’s cart functionality that allows users to hijack any shopping cart by knowing or guessing its 32-character number. The CartController...

CVSS 6.3 · AI score 5.8 · EPSS 0.00284
Exploits: 1 · References: 2

CNNVD
added 2024/09/17 12:00 a.m. · 3 views

Online Eyewear Shop Security Vulnerability

Online Eyewear Shop is an online eyewear store by the individual developer Carlo Montero. A security vulnerability exists in Online Eyewear Shop version 1.0, which stems from an unknown part of the Cart Content Handler component, where the manipulation of the parameter cartid/id results in improp...

CVSS 8.8 · AI score 6.4 · EPSS 0.00723
Exploits: 0 · References: 6

OSV
added 2023/03/22 1:15 p.m. · 2 views

CVE-2023-27638

An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised tshirtecommercedesigncartid GET parameter in order to exploit an insecure parameter in the functions hookActionCartSave and...

CVSS 9.8 · AI score 7.2
Exploits: 0 · References: 3

CNNVD
added 2023/03/22 12:00 a.m. · 2 views

PrestaShop SQL Injection Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts and product image scaling. A security vulnerability exists in PrestaShop tshirtecommerce version 2.1.4, which stems from the ability to...

CVSS 9.8 · AI score 8.6 · EPSS 0.03299
Exploits: 1 · References: 5

VulnCheck KEV
added 2023/03/21 12:00 a.m. · 3 views

VulnCheck KEV: CVE-2023-27638

An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised tshirtecommercedesigncartid GET parameter in order to exploit an insecure parameter in the functions hookActionCartSave and...

CVSS 9.8 · AI score 7.2 · EPSS 0.03299
Exploits: 1 · References: 1

Positive Technologies
added 2023/02/06 12:00 a.m. · 5 views

PT-2023-16455 · Sourcecodester · Sourcecodester Online Eyewear Shop

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A critical issue has been found, affecting the function update cart of the file /oews/classes/Master.php?f=update cart in the HTTP POST Request Handler component. The manipulation of...

CVSS 9.8 · AI score 5.8 · EPSS 0.00552
Exploits: 0 · References: 5

CNNVD
added 2023/02/06 12:00 a.m. · 6 views

Online Eyewear Shop SQL Injection Vulnerability

Online Eyewear Shop is an online eyewear store by the personal developer Carlo Montero. A SQL injection vulnerability exists in Online Eyewear Shop version 1.0, which stems from an incorrect manipulation of the parameter cartid resulting in SQL injection...

CVSS 9.8 · AI score 6.5 · EPSS 0.00552
Exploits: 0 · References: 3

CNVD
added 2017/06/21 12:00 a.m. · 3 views

SQL Injection Vulnerability in the cartSettlement Method of ShopSn V2.0 Mall System

ShopsN Mall system is a product of Shanghai Yiso Network Technology Co., Ltd: an enterprise-class, commercial-standard, full-featured open source online store system that allows free commercial use. A SQL injection vulnerability exists in the cartid parameter in the cartSettlement method ...

AI score 7.6
Exploits: 0

Packet Storm
added 2009/01/01 12:00 a.m. · 47 views

ViArt Shopping Cart 3.5 XSS / Info Disclosure

============================================================== ViArt Shopping Cart v3.5 is multiple remote vulnerabilities maybe another version ============================================================== --==Author==-- : Florinu --==E-mail==-- : [email protected] -don't add to your messenger ...

AI score 0.4
Exploits: 0

Exploit DB
added 2009/01/01 12:00 a.m. · 43 views

Viart shopping cart 3.5 - Multiple Vulnerabilities

=============================================================== !vuln ViArt Shopping Cart v3.5 is prone to multiple remote vulnerabilities. Earlier versions may also be affected. ===============================================================...

AI score 7.4
Exploits: 0

Positive Technologies
added 2001/12/17 12:00 a.m. · 4 views

PT-2001-2334 · Agora · Agora

Name of the Vulnerable Software and Affected Versions: Agora versions 3.0a through 4.0g Description: The issue allows remote attackers to execute Javascript on other clients via the cart id parameter in agora.cgi when debug mode is enabled. This occurs because of a cross-site scripting issue...

CVSS 7.5 · AI score 6.3 · EPSS 0.08727
Exploits: 1 · References: 7