14 matches found
EUVD-2018-2133
Malware in sbrugna...
EUVD-2018-2213
Malware in sbrugna...
Sql injection
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel...
CVE-2018-11470
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel...
CVE-2018-11372
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...
Sql injection
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...
Sql injection
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...
CVE-2018-11373
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...
CVE-2018-11372
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...
CVE-2018-11372
CVE-2018-11372 affects iScripts eSwap v2.4. The issue is an SQL injection in the Wishlistdetailed.php User Panel ToId parameter, caused by unsafe handling of the ToId input. The vulnerability can enable attackers to view, add, modify, or delete data in the backend database (as described across mu...
Cross site request forgery (csrf)
iScripts eSwap v2.4 has CSRF via "registrationsettings.php" in the Admin Panel...
CVE-2018-10050
iScripts eSwap v2.4 has SQL injection via the "registrationsettings.php" ddlFree parameter in the Admin Panel...
CVE-2018-10048
iScripts eSwap v2.4 has CSRF via "registrationsettings.php" in the Admin Panel...
CVE-2018-10049
iScripts eSwap v2.4 has XSS via the "registrationsettings.php" txtDate parameter in the Admin Panel...