12 matches found
CVE-2024-2351
A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument catid/brandid/keyword leads to sql injection. The attack can be launched...
EUVD-2024-27305
Malicious code in bioql PyPI...
EUVD-2025-25380
Malicious code in bioql PyPI...
CVE-2025-9237
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/myaccount.php?editaccount of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the...
CVE-2025-9237
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/myaccount.php?editaccount of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the...
CVE-2025-9237
CodeAstro Ecommerce Website 1.0 is affected by a cross-site scripting (XSS) issue in the Edit Your Account Page, specifically via manipulation of the Username parameter in /customer/my_account.php?edit_account. The vulnerability originates from an unknown function in that page; exploitation can b...
CVE-2025-9237 CodeAstro Ecommerce Website Edit Your Account my_account.php cross site scripting
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/myaccount.php?editaccount of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the...
CVE-2025-9237 CodeAstro Ecommerce Website Edit Your Account my_account.php cross site scripting
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/myaccount.php?editaccount of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the...
PT-2025-34140 · Codeastro · Codeastro Ecommerce Site
Name of the Vulnerable Software and Affected Versions: CodeAstro Ecommerce Website version 1.0 Description: A vulnerability exists in CodeAstro Ecommerce Website 1.0 that allows for cross-site scripting. The issue is located in an unknown function of the /customer/my account.php?edit account file...
CVE-2024-2351
A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument catid/brandid/keyword leads to sql injection. The attack can be launched...
CVE-2024-2351 CodeAstro Ecommerce Site Search action.php sql injection
A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument catid/brandid/keyword leads to sql injection. The attack can be launched...
CVE-2024-2351 CodeAstro Ecommerce Site Search action.php sql injection
A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument catid/brandid/keyword leads to sql injection. The attack can be launched...