14 matches found
CVE-2025-63879
A reflected cross-site scripted XSS vulnerability in the /ecommerce/products.php component of E-commerce Project v1.0 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the id parameter...
CVE-2025-63879
A reflected cross-site scripted XSS vulnerability in the /ecommerce/products.php component of E-commerce Project v1.0 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the id parameter...
CVE-2025-63879
A reflected cross-site scripted XSS vulnerability in the /ecommerce/products.php component of E-commerce Project v1.0 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the id parameter...
CVE-2025-63879
A reflected cross-site scripted XSS vulnerability in the /ecommerce/products.php component of E-commerce Project v1.0 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the id parameter...
PHP-ECOMMERCE-PROJECT 安全漏洞
PHP-ECOMMERCE-PROJECT is an e-commerce website by the individual developer MD RAHATUL RABBI. A security vulnerability exists in PHP-ECOMMERCE-PROJECT v1.0 and earlier versions, which originates from a reflected cross-site scripting in the id parameter of the /ecommerce/products.php component, whi...
CVE-2025-63879
CVE-2025-63879 affects the E-commerce Project (software) in versions v1.0 and earlier, specifically the /ecommerce/products.php component. The issue is a reflected XSS vulnerability triggered by injecting a payload into the id parameter, allowing arbitrary Javascript to run in a user’s browser. T...
PT-2025-47472
A reflected cross-site scripted XSS vulnerability in the /ecommerce/products.php component of E-commerce Project v1.0 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the id parameter...
EUVD-2022-52360
Malicious code in bioql PyPI...
CVE-2022-30482
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- 1.0 is vulnerable to Cross Site Scripting XSS in \admin\addcata.php via the ctgname parameters...
CVE-2022-30478
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in \searchproduct.php via the keyword parameters...
CVE-2022-30482
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- 1.0 is vulnerable to Cross Site Scripting XSS in \admin\addcata.php via the ctgname parameters...
CVE-2022-30478
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in \searchproduct.php via the keyword parameters...
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 跨站脚本漏洞
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar is an e-commerce project. ecommerce-project-with-php-and-mysqli-Fruits-Bazar version 1.0 is vulnerable to a cross-site scripting vulnerability that stems from The ctgname parameter on the adminaddcata.php page lacks a checksum filter for...
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar SQL注入漏洞
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar an e-commerce project. ecommerce-project-with-php-and-mysqli-Fruits-Bazar version 1.0 is vulnerable to SQL injection, which stems from The keyword parameter of the searchproduct.php page lacks validation for external input SQL statements. An...