Lucene search
K

150 matches found

CNVD
CNVD
added 2018/10/26 12:0 a.m.2 views

Stored Cross-site Scripting Vulnerability in S-CMS E-commerce System

S-CMS e-commerce system is an e-commerce software. A stored cross-site scripting vulnerability exists in the S-CMS e-commerce system. An attacker can insert malicious js code into a page to obtain user cookies and other information, leading to user hijacking...

6.3AI score
Exploits0
CNVD
CNVD
added 2018/05/29 12:0 a.m.4 views

Arbitrary File Deletion Vulnerability in TinyShop V3.1.1 E-Commerce System

TinyShop is an e-commerce system online store system based on the Tiny framework, suitable for businesses and individuals to quickly build a personalized online store. An arbitrary file deletion vulnerability exists in TinyShop V3.1.1 e-commerce system due to the system's failure to effectively...

7AI score
Exploits0
CNVD
CNVD
added 2018/03/12 12:0 a.m.4 views

OXID eSales OXID eShop Denial of Service Vulnerability

OXID eSales OXID eShop is a set of e-commerce content management system of Germany OXID eSales company. The system includes B2C, B2B and other modules. A security vulnerability exists in OXID eSales OXID eShop. A remote attacker can exploit this vulnerability to cause a denial of service...

7.5CVSS6.8AI score0.01226EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/01 12:0 a.m.5 views

Logical design flaws in mallbuilder e-commerce system

MallBuilder is a multi-user online shopping mall solution based on PHP + MYSQL. A logical design vulnerability exists in the mallbuilder e-commerce system. An attacker can exploit this vulnerability to modify database information...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/06/15 12:0 a.m.2 views

SQL Injection Vulnerability in DBShop search_content Parameter

DBShop based on PHP official ZendFramework 2 framework for the development of a new generation of e-commerce system perfect support for PHP7. A SQL injection vulnerability exists in the DBShop searchcontent parameter, due to the program failing to filter user input data. An attacker can exploit...

7.7AI score
Exploits0
CNVD
CNVD
added 2017/06/10 12:0 a.m.3 views

WSTShop suffers from an administrator password reset vulnerability

WSTShop e-commerce system is a single merchant e-commerce system based on PHP+MySQL. WSTShop suffers from an administrator password reset vulnerability. The vulnerability stems from an installation file bypass, which can be exploited by an attacker to reset the administrator password...

7.1AI score
Exploits0
CNVD
CNVD
added 2015/01/08 12:0 a.m.4 views

CosmoShop ePRO Cross-Site Request Forgery Vulnerability

CosmoShop ePRO is a cloud e-commerce system based on Magento. The system is able to quickly complete domain name setup, online store installation, server deployment and product launch. A cross-site request forgery vulnerability exists in CosmoShop ePRO 10.05.00, which allows remote attackers to...

6.8CVSS7.2AI score0.00609EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.39 views

DC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2889/exploit DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data,...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/04/11 12:0 a.m.20 views

Matterdaddy Market 1.1 SQL Injection

Title: ====== Matterdaddy Market v1.1 - SQL Injection Vulnerabilities Date: ===== 2012-04-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=499 VL-ID: ===== 499 Introduction: ============= Matterdaddy Market is a application that allows you to run your own online...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2001/06/18 12:0 a.m.51 views

DC Scripts DCShop Beta 1.0 02 - File Disclosure (2)

DC Scripts DCShop Beta 1.0 02 - File Disclosure 2 source: https://www.securityfocus.com/bid/2889/info DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential ord...

7.4AI score
Exploits0
Rows per page
Query Builder