15 matches found
CVE-2026-9493
Service Center developed by BankPro E-Service Technology has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify the parameter of a specific query function to access other users' EC order details...
EUVD-2026-33253
Service Center developed by BankPro E-Service Technology has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify the parameter of a specific query function to access other users' EC order details...
EUVD-2025-33860
A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to SQL injection. The attack can be carried out remotely. The exploit is publicly...
uzy-ssm-mall Security Vulnerability
uzy-ssm-mall (yuzu cloud e-commerce) is an SSM-framework project by the individual developer ghostxbh for building e-commerce sites, bookstore malls, customer management, and more. A security vulnerability exists in uzy-ssm-mall version 1.1.0, which stems from improper fastjson deserialization and could lead to the...
EUVD-2025-24793
Malicious code in bioql PyPI...
Sylius Security Vulnerability
Sylius is an open source e-commerce platform based on the Symfony framework from the Polish company Sylius. Sylius has a security vulnerability that stems from the possibility that an attacker-controlled page could load the website in an iframe. This would enable a clickjacking attack where an...
LOCKON EC-CUBE Access Privilege Vulnerability (CNVD-2016-02686)
LOCKON EC-CUBE is an open source e-commerce website building platform developed by Japan LOCKON Co. The platform supports product login, user evaluation, artwork layout and so on. An access privilege vulnerability exists in LOCKON EC-CUBE versions 3.0.0 through 3.0.9. A remote attacker can exploi...
1caitong (一采通) Material Procurement E-Commerce Platform System fileuploadAction.do Arbitrary File Download Vulnerability
No description provided by source...
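Diyou (帝友) P2C Lending System Front-End getshell #1
Brief description: Diyou P2C Lending System front-end getshell 1. Detailed description: This time it is another e-commerce CMS produced by the Diyou company, not Diyou P2P! The latest official version is Diyou P2C Lending System V1.01. A getshell exists in the avatar upload function. Demonstrated on the official demo site. An account has been registered; the username and password are both test1a. Visit http://p2c.diyou.cc/?user&m=approve/safe, upload an avatar, capture the request, modify the packet, insert a one-line webshell, and change the extension to php. Although the response is a 500, the phpshell has already been uploaded: dyupfiles/avatar/diyou/[user id].php Got...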
iCat Electronic Commerce Suite 3.0 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2126/info iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite...
Canadian Parliament considers anti-malware law
From Stop Badware (Maxim Weinstein): The Canadian House of Commons is considering bill C-27 (gc.ca), the Electronic Commerce Protection Act. In addition to providing civil penalties for unsolicited commercial e-mail (spam) and the unauthorized interception of e-mail (man-in-the-middle attacks), it provide...
Interstage Application Server Unspecified Cross-Site Scripting Vulnerability
Interstage Application Server is an enterprise-grade e-commerce solution. Interstage Application Server does not properly filter user-submitted input; remote attackers can exploit the vulnerability to conduct cross-site scripting attacks and obtain sensitive information. No detailed vulnerability information is currently available. Fujitsu INTERSTAGE Studio Standard-J Edition 8.0.1 Fujitsu INTERSTAGE Studio Enterprise Edition 8.0.1 Fujitsu INTERSTAGE Job Workload Server 8.1 Fujitsu INTERSTAGE...
iCat Carbo Server File Disclosure Vulnerability
Description iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite. The Carbo Server component of the Electronic Commerce Suite does not...
iCat Electronic Commerce Suite 3.0 - File Disclosure
iCat Electronic Commerce Suite 3.0 - File Disclosure source: https://www.securityfocus.com/bid/2126/info iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electron...
iCat Electronic Commerce Suite 3.0 - File Disclosure
source: https://www.securityfocus.com/bid/2126/info iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite. The Carbo Server component of the...