20 matches found
CVE-2023-4707
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier...
CVE-2023-4708
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely...
EUVD-2023-54555
Malicious code in bioql PyPI...
EUVD-2023-54556
Malicious code in bioql PyPI...
Clcknshop 1.0.0 Cross Site Scripting Vulnerability
Exploit Title: Clcknshop 1.0.0 - Reflected XSS Exploit Author: CraCkEr Vendor: Infosoftbd Solutions Vendor Homepage: https://infosoftbd.com/ Software Link: https://infosoftbd.com/multitenancy-e-commerce-solution/ Demo: https://kidszone.clckn.shop/ Tested on: Windows 10 Pro Impact: Manipulate the...
Clcknshop 1.0.0 SQL Injection Vulnerability
Exploit Title: Clcknshop 1.0.0 - SQL Injection Exploit Author: CraCkEr Vendor: Infosoftbd Solutions Vendor Homepage: https://infosoftbd.com/ Software Link: https://infosoftbd.com/multitenancy-e-commerce-solution/ Demo: https://kidszone.clckn.shop/ Tested on: Windows 10 Pro Impact: Database Access...
Clcknshop 1.0.0 Cross Site Scripting
Exploit Title: Clcknshop 1.0.0 - Reflected XSS Exploit Author: CraCkEr Date: 16/08/2023 Vendor: Infosoftbd Solutions Vendor Homepage: https://infosoftbd.com/ Software Link: https://infosoftbd.com/multitenancy-e-commerce-solution/ Demo: https://kidszone.clckn.shop/ Tested on: Windows 10 Pro Impact...
Clcknshop 1.0.0 SQL Injection
Exploit Title: Clcknshop 1.0.0 - SQL Injection Exploit Author: CraCkEr Date: 16/08/2023 Vendor: Infosoftbd Solutions Vendor Homepage: https://infosoftbd.com/ Software Link: https://infosoftbd.com/multitenancy-e-commerce-solution/ Demo: https://kidszone.clckn.shop/ Tested on: Windows 10 Pro Impact...
CVE-2023-4708
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely...
CVE-2023-4707
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier...
CVE-2023-4708
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely...
Sql injection
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely...
CVE-2023-4708 Infosoftbd Clcknshop GET Parameter all sql injection
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely...
CVE-2023-4708 Infosoftbd Clcknshop GET Parameter all sql injection
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely...
CVE-2023-4708
CVE-2023-4708 affects Infosoftbd Clcknshop 1.0.0. The vulnerability lies in the GET Parameter Handler for the path /collection/all, where the GET parameter named “tag” can be manipulated to perform an SQL injection. Root cause: improper handling of the tag argument leads to database queries being...
CVE-2023-4707
Infosoftbd Clcknshop 1.0.0 is affected. Vulnerability exists in /collection/all; manipulating GET parameter q triggers reflected cross-site scripting (XSS). Exploitation is described as possible remotely; some sources imply potential for session or credential exposure, though explicit exploit det...
CVE-2023-4707 Infosoftbd Clcknshop all cross site scripting
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier...
PT-2023-30296 · Infosoftbd · Infosoftbd Clcknshop
Name of the Vulnerable Software and Affected Versions: Infosoftbd Clcknshop version 1.0.0 Description: A vulnerability was found in Infosoftbd Clcknshop, affecting unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiat...
Infosoftbd Clcknshop Cross-Site Scripting Vulnerability
Infosoftbd Clcknshop is a multi-tenant/multi-tenant SAAS based e-commerce platform from Infosoftbd. A cross-site scripting vulnerability exists in Infosoftbd Clcknshop that stems from the fact that incorrect manipulation of the parameter q can lead to cross-site scripting...
Infosoftbd Clcknshop SQL Injection Vulnerability
Infosoftbd Clcknshop is a multi-tenant/multi-tenant SAAS based e-commerce platform from Infosoftbd. Infosoftbd Clcknshop suffers from a SQL injection vulnerability that stems from the fact that incorrect manipulation of the parameter tag can lead to sql injection...