EUVD-2021-8662

Malicious code in bioql PyPI...

Oracle Commerce 的 Oracle Commerce Platform 安全漏洞

Oracle Commerce is an e-commerce solution from Oracle Corporation. A security vulnerability exists in Oracle Commerce Platform for Oracle Commerce. An attacker could exploit the vulnerability to gain update, insert, or delete privileges to data...

PrestaShop cross-site scripting vulnerability (CNVD-2024-03224)

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. A cross-site scripting vulnerability exists in PrestaShop versions prior to 8.1.3. Th...

CVE-2021-21398

PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.7.3, an attacker can inject HTML when the Grid Column Type DataColumn is badly used. The problem is fixed in 1.7.7.3...

CVE-2021-21398 Possible XSS injection through DataColumn Grid class

PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.7.3, an attacker can inject HTML when the Grid Column Type DataColumn is badly used. The problem is fixed in 1.7.7.3...

CVE-2020-26223 Authorization bypass in Spree

Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Ord...

nopCommerce 3.70 Cross Site Scripting

Security Advisory CVE-ID: N/A Topic: Reflected Cross Site Scripting XSS Vulnerability in "successful registration" page Class: Input Validation Severity: Medium Discovery: 2016-04-28 Vendor Notification: 2016-04-28 Vendor response: 2016-05-30 Vendor Patch: 2016-05-31 Public Announced: 2016-08-15...

pre multi-vendor shopping malls Multiple Vulnerabilities

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= IN THE NAME OF ALLAH -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Pre...

AspxCommerce 2.0 - Arbitrary File Upload

AspxCommerce 2.0 - Arbitrary File Upload Exploit Title: AspxCommerce v2.0 - Arbitrary File Upload Vulnerability Exploit Author: SANTHO Vendor Homepage: http://www.aspxcommerce.com/ Version: Version 2.0 and below Introduction: AspxCommerce is a complete e-Commerce solution for setting up a fully...

EZ-Shop 1.02 - Lateral SQL Injection

Security Advisory Details: 14/04/2011 Script EZ-Shop 1.02 Location http://www.fcsoftware.co.uk/index.php?page=opensource Vulnerability SQL Injection Original Adv http://y-osirys.com/security/exploits/id28 Author Giovanni Buzzin, "Osirys" Site y-osirys.com Contact osirysatautisticidotorg Greets to...

PHP E-Mall SQL Injection / Cross Site Scripting

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

NGENUITY-2009-005 OpenCart Order By Blind SQL Injection

nGenuity Information Services - Security Advisory Advisory ID: NGENUITY-2009-005 - OpenCart Order By Blind SQL Injection Application: OpenCart 1.1.8 Vendor: OpenCart Vendor website: http://www.opencart.com http://www.chambermaster.com Author: Adam Baldwin [email protected] I. BACKGROUND...

Joomla! Component VirtueMart Google Base 1.1 - Remote File Inclusion

================================================================================================================================ o VirtueMart Google Base Component 1.1 Remote File Inclusion Vulnerability Software : comgooglebase version 1.1 Vendor : www.e-commerce-solution.co.uk Download :...

CPCommerce 1.1.0 - Cross-Site Scripting Local File Inclusion

CPCommerce 1.1.0 - Cross-Site Scripting Local File Inclusion www.BugReport.ir AmnPardaz Security Research Team Title: cpCommerce Multiple Vulnerabilities Vendor: http://cpcommerce.cpradio.org Bugs: XSS, SQL Injection , Local File Inclusion Vulnerable Version: 1.1.0 prior versions also may be...

CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion

www.BugReport.ir AmnPardaz Security Research Team Title: cpCommerce Multiple Vulnerabilities Vendor: http://cpcommerce.cpradio.org Bugs: XSS, SQL Injection , Local File Inclusion Vulnerable Version: 1.1.0 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original...

osCommerce Online Merchant v2.2 RC1 local include bug

osCommerce Online Merchant v2.2 RC1 local include bug SEVERITY: ========= Normal SOFTWARE: ========= osCommerce Online Merchant v2.2 RC1 http://oscommerce.com/ INFO: ===== osCommerce is an Open Source based online shop e-commerce solution that is available for free under the GNU General Public...

phpshopProject.txt

Vendor : phpShop Project URL : http://www.phpshop.org Version : phpShop 0.6.1-b && Earlier Versions?? Risk : Multiple Vulnerabilities Description: phpShop is a PHP-based e-commerce application and PHP development framework. phpShop offers the basic features needed to run a successful e-commerce w...

VPASP.txt

$Id: aresu-adv.6,v1 04/07/2003 aresu Exp $ 1ndonesian Security Team 1st AresU Advisory 6 VPASP SQL Injection 04/07/2003 VPASP SQL Injection Vulnerability & Exploit CODE Advisory Name: VPASP SQL Injection Vulnerability Release Date: 05/07/2003 Application: 5 Platform: Win32/MSSQL Severity: High BU...

Midicart ASP - Remote Customer Information Retrieval

source: https://www.securityfocus.com/bid/5438/info Midicart ASP is a commercially available e-commerce solution distributed by Coxco Support. It is available for the Microsoft Windows operating system. The default installation of Midicart ASP does not place sufficient access control on the...

Aktivate Shopping System Cross Site Scripting Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Aktivate Shopping System Cross Site Scripting Vulnerability Type: Cross Site Scripting Release Date: December 18, 2001 Product / Vendor: Aktivate is a complete, end-to-end e-commerce solution aimed at Linux and other Unices. Aktivate is targeted at...