16 matches found
WordPress WooCommerce Checkout For Digital Goods Plugin <= 3.7.0 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce Checkout For Digital Goods Type Plugin Vulnerable versions = 3.7.0 Fixed in 3.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a6999287f2ca Credits Rafie...
WordPress WooCommerce Checkout For Digital Goods plugin <= 3.6.3 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Checkout For Digital Goods plugin versions = 3.6.3. Solution Update the WordPress WooCommerce Checkout For Digital Goods plugin to the latest available version at least 3.6.4...
WordPress WooCommerce Checkout For Digital Goods plugin <= 3.6.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WooCommerce Checkout For Digital Goods plugin versions = 3.6.3. Solution Update the WordPress WooCommerce Checkout For Digital Goods plugin to the latest available version at least 3.6.4...
Capcom Arcade Stadium’s record player numbers blamed on card mining
Some of my favourite retro video games are making waves on Steam, but not in the way you might think. Classics such as Strider, Ghosts n’ Goblins, and more are all available as content for Capcom Arcade Stadium. This is an emulator which lets you play 31 arcade games from the 80s/90s. The games...
WordPress Woo Checkout for Digital Goods plugin <= 2.1 - Cross-site request forgery (CSRF) vulnerability
Cross-site request forgery CSRF vulnerability found by ThreatPress Research Team in WordPress Woo Checkout for Digital Goods plugin versions = 2.1. Solution Update the WordPress Woo Checkout for Digital Goods plugin to the latest available version at least 2.2...
Cross site request forgery (csrf)
An issue was discovered in the MULTIDOTS Woo Checkout for Digital Goods plugin 2.1 for WordPress. If an admin user can be tricked into visiting a crafted URL created by an attacker via spear phishing/social engineering, the attacker can change the plugin settings. The function...
CVE-2018-11633
The CVE-2018-11633 issue affects the MULTIDOTS Woo Checkout for Digital Goods plugin for WordPress (version 2.1). The vulnerability stems from the function woo_checkout_settings_page in class-woo-checkout-for-digital-goods-admin.php not validating CSRF against wp-admin/admin-post.php and lacking ...
WooCommerce Checkout For Digital Goods <= 2.1 - CSRF to Settings Change
The Digital Goods for WooCommerce Checkout WordPress plugin was affected by a CSRF to Settings Change security vulnerability...
Ecommercemax Solutions Digital Goods Seller SQL Injection
No description provided by source. Author: R4dc0re Exploit Title:Ecommercemax Solutions Digital good seller Sql Injection Vulnerablity Date: 05-12-2010 Vendor or Software Link:http://www.ecommercemax.com/ Category:WebApp Version:1.5 Price:60$ Contact: [email protected] Website: www.1337db.com...
ZeroClipboard Wordpress plugin XSS / FPD Vulnerabilities
Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with ZeroClipboard.swf. These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with ZeroClipboard.swf. Earlier I've wrote about Cross-Site Scripting vulnerabilities in ZeroClipboard...
The Pirate Bay Buys Greek Airspace for Launching Low Orbit Server Drones
The Pirate Bay Buys Greek Airspace for Launching Low Orbit Server Drones Few days back we reported that, One of the world's largest BitTorrent sites "The Pirate Bay" is going to put servers on GPS-controlled aircraft drones in order to evade authorities who are looking to shut the site down. Most...
CVE-2010-4735
SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller DGS 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter...
Sql injection
SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller DGS 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter...
CVE-2010-4735
The CVE-2010-4735 entry describes an SQL injection vulnerability in the shoppingcart.asp of Ecommercemax Solutions Digital-goods seller (DGS) 1.5. The underlying issue is that the d parameter is not properly sanitized, enabling remote attackers to execute arbitrary SQL commands. Impact is partial...
Ecommercemax Solutions Digital Goods Seller - SQL Injection
Author: R4dc0re Exploit Title:Ecommercemax Solutions Digital good seller Sql Injection Vulnerablity Date: 05-12-2010 Vendor or Software Link:http://www.ecommercemax.com/ Category:WebApp Version:1.5 Price:60$ Contact: [email protected] Website: www.1337db.com Greetings to: R0073r1337db.com, L0rd...
Ecommercemax Solutions Digital Goods Seller - SQL Injection
Ecommercemax Solutions Digital Goods Seller - SQL Injection Author: R4dc0re Exploit Title:Ecommercemax Solutions Digital good seller Sql Injection Vulnerablity Date: 05-12-2010 Vendor or Software Link:http://www.ecommercemax.com/ Category:WebApp Version:1.5 Price:60$ Contact: [email protected]...