CVE-2021-47897 PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting

PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerability in the address parameter of the changeparams.php script. Attackers can inject malicious JavaScript payloads that execute when users interact with the address text box, potentially enabling client-side script execution...

PT-2026-4513

Name of the Vulnerable Software and Affected Versions PEEL Shopping version 9.3.0 Description The software contains a stored cross-site scripting issue in the address parameter of the ''change params.php'' script. Attackers can inject malicious JavaScript payloads that execute when users interact...

Chaturbate: Missing CSRF Protection in /stats EndPoint.

EndPoint /affiliates/stats. doesnot verify the CSRF Tokens Steps To Reproduce: 1. Login with the your account 2. Navigate to the URL https://chaturbate.com/affiliates/stats.. 3. Check the stats in default its todays date or this week in select period. 4. Intercept the request and change the...

IBM Cognos Analytics Security Bypass Vulnerability

IBM Cognos Analytics formerly known as Cognos BI is a suite of business intelligence software from the American company IBM. The software includes reports, dashboards and scorecards, and can assist companies in adjusting their decisions by analyzing key factors and key stakeholders. A security...

Unspecified vulnerability in SMA Solar Technology inverter (CNVD-2017-27846)

SMA Solar Technology inverter is a photovoltaic inverter device from SMA Germany. A security vulnerability exists in the SMA Solar Technology inverter. An attacker could exploit the vulnerability to change sensitive parameters...