3 matches found
Design/Logic Flaw
Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddieajout.php and en/achat/caddieaffichage.php, as demonstrated by an XSS payload in the couleurId0 parameter to the latter...
CVE-2018-20848
CVE-2018-20848 concerns Advisto PEEL SHOPPING 9.0.0. It describes a CSRF vulnerability exposed through en/achat/caddie_ajout.php and en/achat/caddie_affichage.php, demonstrated by an XSS payload in the couleurId[0] parameter to the latter. The vulnerability is documented across multiple sources (...
CVE-2018-20848
Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddieajout.php and en/achat/caddieaffichage.php, as demonstrated by an XSS payload in the couleurId0 parameter to the latter...