CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/05/22 11:40 p.m.•2 views

CVE-2022-40841

A cross-site scripting XSS vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter...

6.1CVSS5.7AI score0.00287EPSS

Exploits1References1

ATTACKERKB•added 2023/08/16 2:15 p.m.•0 views

CVE-2023-33663

In the module “Customization fields fee for your store” aicustomfee from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue...

9.8CVSS7.3AI score0.00082EPSS

Exploits0References3

Prion•added 2023/08/16 2:15 p.m.•12 views

Sql injection

7.5CVSS9.8AI score0.00082EPSS

Exploits0References2Affected Software1

OSV•added 2022/12/21 6:15 p.m.•1 views

CVE-2022-40841

6.1CVSS5.9AI score0.00287EPSS

Exploits1References2

Positive Technologies•added 2022/12/21 12:0 a.m.•2 views

PT-2022-25572 · Unknown · Ndkadvancedcustomizationfields

Name of the Vulnerable Software and Affected Versions: NdkAdvancedCustomizationFields version 3.5.0 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via crafted payloads injected into the htmlNodes parameter. This enables attackers to...

6.1CVSS6AI score0.00287EPSS

Exploits1References5

OSV•added 2022/11/22 1:15 a.m.•0 views

CVE-2022-40842

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...

9.1CVSS5.8AI score0.00711EPSS

Exploits1References2

OSV•added 2022/11/02 1:15 p.m.•0 views

CVE-2022-40840

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting XSS via createPdf.php...

6.1CVSS5.8AI score0.00139EPSS

Exploits1References2

Positive Technologies•added 2022/11/02 12:0 a.m.•2 views

PT-2022-25571 · Unknown · Ndkadvancedcustomizationfields

Name of the Vulnerable Software and Affected Versions: NdkAdvancedCustomizationFields version 3.5.0 Description: The issue concerns a Cross Site Scripting XSS problem. It can be exploited via the createPdf.php endpoint. Recommendations: For version 3.5.0, update to a newer version that contains a...

6.1CVSS6AI score0.00139EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by