Lucene search
K

29 matches found

NVD
NVD
added 2026/02/03 10:16 p.m.8 views

CVE-2020-37081

Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...

7.1CVSS0.00198EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/03 10:1 p.m.4 views

EUVD-2020-30994

Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...

7.1CVSS5.8AI score0.00198EPSS
Exploits0References4
OSV
OSV
added 2025/11/17 8:15 p.m.3 views

CVE-2024-44661

PHPGurukul Online Shopping Portal 2.0 is vulnerable to Cross Site Scripting XSS via the quantity parameter in my-cart.php...

5.4CVSS5.8AI score0.00192EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.5 views

PT-2025-47199

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0 Description The PHPGurukul Online Shopping Portal is susceptible to a Cross Site Scripting XSS issue. This flaw is located in the my-cart.php file and specifically affects the quantity parameter...

5.4CVSS6.3AI score0.00192EPSS
Exploits1References6
CVE
CVE
added 2025/10/08 2:2 p.m.14 views

CVE-2025-11478

CVE-2025-11478 affects SourceCodester Farm Management System 1.0. The vulnerability stems from manipulation of the pid parameter in /myCart.php, enabling SQL injection and remote exploitation. Public exploits exist. Multiple connected sources corroborate the flaw, but there is no information in t...

8.8CVSS6.3AI score0.00308EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2020-15565

Malware in sbrugna...

6.1CVSS6.3AI score0.0081EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-18899

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:37 a.m.7 views

CVE-2019-5979

Cross-site request forgery CSRF vulnerability in Personalized WooCommerce Cart Page 2.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS7.4AI score0.01047EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.3 views

CampCodes Online Shopping Portal 注入漏洞

CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. CampCodes Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter billingaddress in file /my-cart.php. An...

9.8CVSS8.2AI score0.00398EPSS
Exploits0References5
OSV
OSV
added 2022/05/24 4:52 p.m.5 views

GHSA-R728-JWF5-F5R5 Magento Reflected cross-site scripting on customer cart page

A reflected cross-site scripting vulnerability exists on the customer cart checkout page of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by sending a victim a crafted URL that results in malicious javascript execution in the victim's...

6.1CVSS5.9AI score0.01042EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/24 4:52 p.m.18 views

Magento Reflected cross-site scripting on customer cart page

A reflected cross-site scripting vulnerability exists on the customer cart checkout page of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by sending a victim a crafted URL that results in malicious javascript execution in the victim's...

6.1CVSS6AI score0.01042EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/04/29 7:15 p.m.9 views

CVE-2020-22808

An issue was found in yii2fecshop 2.x. There is a reflected XSS vulnerability in the check cart page...

6.1CVSS5.9AI score
Exploits0References2
Prion
Prion
added 2021/04/29 7:15 p.m.12 views

Cross site scripting

An issue was found in yii2fecshop 2.x. There is a reflected XSS vulnerability in the check cart page...

4.3CVSS5.9AI score0.0081EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/04/29 6:18 p.m.49 views

CVE-2020-22808

CVE-2020-22808 affects yii2_fecshop 2.x with a reflected XSS vulnerability on the check cart page. The available documents attribute the issue to improper handling/encoding of user-supplied input leading to reflected script execution. Impact details are noted in the CVSS metadata (CVSSv3.1: base ...

6.1CVSS5.9AI score0.0081EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.1 views

yii2_fecshop 跨站脚本漏洞

yii2fecshop is an application system . Based on php Yii2 framework on top of the development of an excellent open source e-commerce system. A security vulnerability exists in version 2.x of yii2fecshop, which stems from a reflected XSS vulnerability in the shopping cart page...

6.1CVSS6.2AI score0.0081EPSS
Exploits1References3
Patchstack
Patchstack
added 2019/07/10 12:0 a.m.17 views

WordPress Personalized WooCommerce Cart Page plugin <= 2.4 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Cryptography Laboratory in WordPress Personalized WooCommerce Cart Page plugin versions = 2.4. Solution Update the WordPress Personalized WooCommerce Cart Page plugin to the latest available version at least 2.5...

8.8CVSS3.1AI score0.01047EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/07/05 2:15 p.m.4 views

CVE-2019-5979

Cross-site request forgery CSRF vulnerability in Personalized WooCommerce Cart Page 2.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS6.5AI score0.01047EPSS
Exploits0References3
NVD
NVD
added 2019/07/05 2:15 p.m.18 views

CVE-2019-5979

Cross-site request forgery CSRF vulnerability in Personalized WooCommerce Cart Page 2.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS8.8AI score0.01047EPSS
Exploits0References3
Prion
Prion
added 2019/07/05 2:15 p.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Personalized WooCommerce Cart Page 2.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

6.8CVSS8.8AI score0.01047EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/07/05 1:20 p.m.75 views

CVE-2019-5979

Summary (CVE-2019-5979): A CSRF flaw in the WordPress plugin “Personalized WooCommerce Cart Page” (versions 2.4 and earlier) could allow remote attackers to hijack administrator accounts through unspecified vectors. Public references consistently identify the affected component as the Personalize...

8.8CVSS8.8AI score0.01047EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder