150 matches found
Stored Cross-site Scripting Vulnerability in S-CMS E-commerce System
S-CMS e-commerce system is an e-commerce software. A stored cross-site scripting vulnerability exists in the S-CMS e-commerce system. An attacker can insert malicious js code into a page to obtain user cookies and other information, leading to user hijacking...
Arbitrary File Deletion Vulnerability in TinyShop V3.1.1 E-Commerce System
TinyShop is an e-commerce system online store system based on the Tiny framework, suitable for businesses and individuals to quickly build a personalized online store. An arbitrary file deletion vulnerability exists in TinyShop V3.1.1 e-commerce system due to the system's failure to effectively...
OXID eSales OXID eShop Denial of Service Vulnerability
OXID eSales OXID eShop is a set of e-commerce content management system of Germany OXID eSales company. The system includes B2C, B2B and other modules. A security vulnerability exists in OXID eSales OXID eShop. A remote attacker can exploit this vulnerability to cause a denial of service...
Logical design flaws in mallbuilder e-commerce system
MallBuilder is a multi-user online shopping mall solution based on PHP + MYSQL. A logical design vulnerability exists in the mallbuilder e-commerce system. An attacker can exploit this vulnerability to modify database information...
SQL Injection Vulnerability in DBShop search_content Parameter
DBShop based on PHP official ZendFramework 2 framework for the development of a new generation of e-commerce system perfect support for PHP7. A SQL injection vulnerability exists in the DBShop searchcontent parameter, due to the program failing to filter user input data. An attacker can exploit...
WSTShop suffers from an administrator password reset vulnerability
WSTShop e-commerce system is a single merchant e-commerce system based on PHP+MySQL. WSTShop suffers from an administrator password reset vulnerability. The vulnerability stems from an installation file bypass, which can be exploited by an attacker to reset the administrator password...
CosmoShop ePRO Cross-Site Request Forgery Vulnerability
CosmoShop ePRO is a cloud e-commerce system based on Magento. The system is able to quickly complete domain name setup, online store installation, server deployment and product launch. A cross-site request forgery vulnerability exists in CosmoShop ePRO 10.05.00, which allows remote attackers to...
DC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/2889/exploit DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data,...
Matterdaddy Market 1.1 SQL Injection
Title: ====== Matterdaddy Market v1.1 - SQL Injection Vulnerabilities Date: ===== 2012-04-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=499 VL-ID: ===== 499 Introduction: ============= Matterdaddy Market is a application that allows you to run your own online...
DC Scripts DCShop Beta 1.0 02 - File Disclosure (2)
DC Scripts DCShop Beta 1.0 02 - File Disclosure 2 source: https://www.securityfocus.com/bid/2889/info DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential ord...