33 matches found
EUVD-2015-3465
Malware in sbrugna...
EUVD-2016-0785
Malware in sbrugna...
EUVD-2015-9253
Malware in sbrugna...
EUVD-2016-0782
Malware in sbrugna...
CVE-2015-9413
The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter...
Cross site request forgery (csrf)
The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter...
CVE-2015-9413
The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter...
WordPress eshop plugin cross-site request forgery vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. eshop is an e-commerce plugin used in it. A cross-site request forgery vulnerability exists in WordPress eshop plugin version 6.3....
Cross site scripting
The eshopcheckout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and earlier does not validate variables in the "eshopcart" HTTP cookie, which allows remote attackers to perform cross-site scripting XSS attacks, or a path disclosure attack via crafted variables named after target P...
CVE-2015-3421
The eshopcheckout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and earlier does not validate variables in the "eshopcart" HTTP cookie, which allows remote attackers to perform cross-site scripting XSS attacks, or a path disclosure attack via crafted variables named after target P...
CVE-2015-3421
CVE-2015-3421 affects the WordPress eShop plugin (
CVE-2016-0765
Multiple cross-site scripting XSS vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 page or 2 action parameter...
CVE-2016-0765
Multiple cross-site scripting XSS vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 page or 2 action parameter...
CVE-2016-0769
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...
Sql injection
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...
CVE-2016-0769
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...
CVE-2016-0769
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...
CVE-2016-0765
The CVE-2016-0765 entry describes multiple XSS vulnerabilities in eshop-orders.php within the WordPress eShop plugin, version 6.3.14. The issue allows remote attackers to inject arbitrary script/HTML via the page or action parameters, indicating a reflected or stored XSS vector in the eshop-order...
CVE-2016-0765
Multiple cross-site scripting XSS vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 page or 2 action parameter...
WordPress eshop plugin SQL injection vulnerability
WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language. eShop is one of the online store plugins. A SQL injection vulnerability exists in the WordPress eshop plugin, which allows remote attackers to exploit the vulnerability to submit specially...