CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

45 matches found

Packet Storm•added 2026/04/29 12:0 a.m.•45 views

📄 Pizzafy Ecommerce System 1.0 SQL Injection

The admin/vieworder.php endpoint in Pizzafy Ecommerce System version 1.0 fails to properly sanitize the id GET parameter before passing it to a MySQL query. An authenticated administrator can manipulate this parameter to inject arbitrary SQL, leading to full database compromise. SQL Injection in...

5.8CVSS5.3AI score0.00039EPSS

Exploits1

ATTACKERKB•added 2026/04/20 4:19 p.m.•1 views

CVE-2026-40098

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, the shared wishlist add-to-cart endpoint authorizes access with a public...

5.3CVSS5.8AI score0.0002EPSS

Exploits1References2Affected Software1

CNNVD•added 2026/03/12 12:0 a.m.•2 views

Netartmedia PHP Mall SQL注入漏洞

Netartmedia PHP Mall is an e-commerce platform system operated by the Bulgarian company Netartmedia. Version 4.1 of Netartmedia PHP Mall contains a SQL injection vulnerability. This vulnerability stems from multiple parameters that are susceptible to SQL injections, potentially allowing unverifie...

8.8CVSS5.9AI score0.00093EPSS

Exploits1References2

CNNVD•added 2026/02/20 12:0 a.m.•4 views

E-commerce 安全漏洞

E-commerce is a dynamic e-commerce website developed by Bhabishya Ghimire as an individual developer. Version 1.0.0 of E-commerce has a security vulnerability, which stems from improper handling of the getsafevalue function in the utility/function.php file. This vulnerability may lead to cross-si...

5.4CVSS5.6AI score0.00024EPSS

Exploits1References6

CNNVD•added 2025/11/29 12:0 a.m.•3 views

XMall 安全漏洞

XMall is a distributed e-commerce shopping mall based on SOA architecture by an individual developer at Exrick. A security vulnerability exists in XMall v1.1, which stems from improper handling of user input and could lead to cross-site scripting attacks...

6.1CVSS6AI score0.00033EPSS

Exploits1References2

Imperva Blog•added 2025/11/26 10:44 a.m.•6 views

How Thales Protects Online Retail Sites from AI-Driven Bots during Holiday Shopping Season

Every November and December, online retailers gear up for their biggest revenue surge of the year. But while the traffic and transactions climb, so does the threat level. Cybercriminals know exactly when customer activity and the pressure on retail systems is at its highest and they’re automating...

6.9AI score

Exploits0

CNNVD•added 2025/11/17 12:0 a.m.•1 views

Kashipara Online Furniture Shopping Ecommerce Website 安全漏洞

Kashipara Online Furniture Shopping Ecommerce Website is a fast online shopping ecommerce website from Kashipara. A security vulnerability exists in Kashipara Online Furniture Shopping Ecommerce Website version 1.0, which stems from an unvalidated recoveremail parameter in userpasswordrecover.php...

6.5CVSS7.7AI score0.00037EPSS

Exploits1References3