Lucene search
+L

28 matches found

NVD
NVD
added 2026/07/06 6:16 a.m.10 views

CVE-2026-14799

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS0.00204EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/06 5:45 a.m.8 views

EUVD-2026-41810

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/06 5:45 a.m.6 views

CVE-2026-14799

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/07/06 5:45 a.m.39 views

CVE-2026-14799 CodeAstro Ecommerce Website my_account.php sql injection

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS0.00204EPSS
Exploits0References6
CVE
CVE
added 2026/07/06 5:45 a.m.16 views

CVE-2026-14799

CodeAstro Ecommerce Website 1.0 is affected by CVE-2026-14799 due to a SQL injection in /customer/my_account.php?my_wishlist when manipulating the delete_wishlist argument. The issue is exploitable remotely with a low-privilege, no-user-interaction path (network vector, low complexity; exploit ma...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 8:16 p.m.8 views

CVE-2026-14767

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter Handler. The manipulation of the argument invoiceno results in sql injection. The attack can be executed...

6.5CVSS0.00204EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 7:45 p.m.7 views

EUVD-2026-41777

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter Handler. The manipulation of the argument invoiceno results in sql injection. The attack can be executed...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 7:45 p.m.19 views

CVE-2026-14767

CodeAstro Ecommerce Website 1.0 contains a SQL injection in the POST Parameter Handler within /ecommerce-website-php/customer/confirm.php (invoice_no). The vulnerability can be triggered remotely; the exploit has been released publicly. The CVSS-derived metrics in the sources indicate network att...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 7:45 p.m.8 views

CVE-2026-14767

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter Handler. The manipulation of the argument invoiceno results in sql injection. The attack can be executed...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/07/05 7:45 p.m.26 views

CVE-2026-14767 CodeAstro Ecommerce Website POST Parameter confirm.php sql injection

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter Handler. The manipulation of the argument invoiceno results in sql injection. The attack can be executed...

6.5CVSS0.00204EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.11 views

PT-2026-55819

Name of the Vulnerable Software and Affected Versions CodeAstro Ecommerce Website version 1.0 Description An SQL injection flaw exists in the POST Parameter Handler component within the file /ecommerce-website-php/customer/confirm.php. A remote attacker can exploit this by manipulating the invoic...

6.5CVSS6.7AI score0.00204EPSS
Exploits0References12
NVD
NVD
added 2026/07/04 6:16 p.m.11 views

CVE-2026-14639

A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...

6.5CVSS0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/04 6:0 p.m.35 views

CVE-2026-14639 CodeAstro Ecommerce Website my_account.php sql injection

A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/04 6:0 p.m.13 views

EUVD-2026-41683

A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/myaccount.php?editaccount. Such manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
CVE
CVE
added 2026/07/04 6:0 p.m.17 views

CVE-2026-14639

CVE-2026-14639 affects CodeAstro Ecommerce Website 1.0. The vulnerability is an SQL injection in the code path handling the URL /ecommerce-website-php/customer/my_account.php?edit_account, caused by unsafely manipulated parameter c_name. This allows potentially remote attacker access with low pri...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.12 views

PT-2026-55722

Name of the Vulnerable Software and Affected Versions CodeAstro Ecommerce Website version 1.0 Description An issue exists that allows remote SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution. This occurs via the c name variable within the...

6.5CVSS6.7AI score0.002EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.8 views

CVE-2024-2351

A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument catid/brandid/keyword leads to sql injection. The attack can be launched...

9.8CVSS7.5AI score0.00684EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25380

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00264EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27305

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00684EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/08/22 6:26 p.m.7 views

CVE-2025-9237

A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/myaccount.php?editaccount of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the...

5.4CVSS3.6AI score0.00264EPSS
Exploits1References1
Rows per page
Query Builder