49 matches found
SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting
A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filterbrandid/filterprice leads to cross site scripting. The attack may be launched remotely...
CVE-2020-23978
SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter " offerta.php"...
CVE-2020-23975
Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter...
EUVD-2020-16714
Malware in sbrugna...
EUVD-2020-16712
Malware in sbrugna...
EUVD-2023-44165
Malicious code in bioql PyPI...
CVE-2023-3506
A vulnerability was found in Active It Zone Active eCommerce CMS 6.5.0. It has been declared as problematic. This vulnerability affects unknown code of the file /ecommerce/supportticket of the component Create Ticket Page. The manipulation of the argument details with the input leads to cross sit...
CVE-2020-23976
Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter...
SPA-Cart eCommerce CMS Cross-Site Request Forgery Vulnerability
SPA-Cart eCommerce CMS is a CMS system from SPA-Cart Inc. A security vulnerability exists in SPA-Cart eCommerce CMS version 1.9.0.3 that stems from the presence of a cross-site request forgery CSRF vulnerability. An attacker can exploit the vulnerability to delete all accounts...
SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS
Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Version: 1.9.0.3 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE:...
SPA-Cart eCommerce CMS 1.9.0.3 SQL Injection Vulnerability
Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection Exploit Author: CraCkEr Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4548 CWE: CWE-89 - CWE-74 - CWE-707 Greetings...
SPA-Cart eCommerce CMS 1.9.0.3 Cross Site Scripting
Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4547 CWE:...
SPA-Cart eCommerce CMS 1.9.0.3 SQL Injection
Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4548 CWE: CWE-89 - CWE-74 -...
CVE-2023-4548
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filterbrandid leads to sql injection. It is possible to initiate the attack remotely...
Sql injection
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filterbrandid leads to sql injection. It is possible to initiate the attack remotely...
CVE-2023-4548
CVE-2023-4548 affects SPA-Cart eCommerce CMS v1.9.0.3. A SQL injection flaw exists in the GET Parameter Handler’s GET parameter “filter[brandid]” within the /search endpoint, allowing remote abuse. Exploitation is demonstrated in public advisories and exploit listings (e.g., Exploit-DB, PacketSto...
CVE-2023-4548 SPA-Cart eCommerce CMS GET Parameter search sql injection
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filterbrandid leads to sql injection. It is possible to initiate the attack remotely...
CVE-2023-4547
A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filterbrandid/filterprice leads to cross site scripting. The attack may be launched remotely...
CVE-2023-4547 SPA-Cart eCommerce CMS search cross site scripting
A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filterbrandid/filterprice leads to cross site scripting. The attack may be launched remotely...
CVE-2023-3506
A vulnerability was found in Active It Zone Active eCommerce CMS 6.5.0. It has been declared as problematic. This vulnerability affects unknown code of the file /ecommerce/supportticket of the component Create Ticket Page. The manipulation of the argument details with the input alert1 leads to...