Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 12:26 p.m.5 views

CVE-2018-12457

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...

8.8CVSS6.9AI score0.00524EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-4201

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00524EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-26362

Malicious code in bioql PyPI...

4.8CVSS4AI score0.00053EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/09/03 10:29 p.m.5 views

CVE-2025-9797

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...

4.8CVSS7AI score0.00053EPSS
Exploits0References1
NVD
NVDadded 2025/09/01 10:15 p.m.1 views

CVE-2025-9797

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...

4.8CVSS0.00053EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/09/01 10:2 p.m.7 views

CVE-2025-9797 mrvautin expressCart Edit Product edit injection

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...

4.8CVSS0.00053EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2025/09/01 10:2 p.m.1 views

CVE-2025-9797 mrvautin expressCart Edit Product edit injection

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...

4.8CVSS6.6AI score0.00053EPSS
Exploits0References5
CVE
CVEadded 2025/09/01 10:2 p.m.32 views

CVE-2025-9797

The CVE-2025-9797 entry concerns mrvautin expressCart, impacting the Edit Product Page (/admin/product/edit/) where an injection vulnerability is triggered by an issue in an unknown function. Documents indicate the attack can be initialized remotely and that the exploit has been publicly disclose...

4.8CVSS6.6AI score0.00053EPSS
Exploits0References5
CNNVD
CNNVDadded 2025/09/01 12:0 a.m.1 views

expressCart 安全漏洞

expressCart is a shopping cart software by Mark Moffat Individual Developer. A security vulnerability exists in expressCart that stems from an injection attack due to a misuse of the file /admin/product/edit/...

4.8CVSS4.4AI score0.00053EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2025/09/01 12:0 a.m.2 views

PT-2025-35513

Name of the Vulnerable Software and Affected Versions: expressCart versions prior to b31302f4e99c3293bd742c6d076a721e168118b0 Description: A vulnerability exists in the Edit Product Page component of expressCart. The issue involves an injection flaw within an unknown function of the...

4.8CVSS3.6AI score0.00053EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/14 6:52 p.m.2 views

Malicious code in ExpressCart (npm)

The package ExpressCart was found to contain malicious code...

7AI score
Exploits0
OSV
OSVadded 2025/08/14 6:52 p.m.1 views

MAL-2025-20095 Malicious code in ExpressCart (npm)

The package ExpressCart was found to contain malicious code...

7.2AI score
Exploits0
CNVD
CNVDadded 2018/06/20 12:0 a.m.2 views

Unspecified Vulnerability in expressCart

expressCart is a shopping cart module used in Node.js. A security vulnerability exists in expressCart. A remote attacker can exploit this vulnerability to create an admin user...

8.8CVSS8.6AI score0.00524EPSS
Exploits0References1
NVD
NVDadded 2018/06/15 2:29 p.m.8 views

CVE-2018-12457

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...

8.8CVSS8.6AI score0.00524EPSS
Exploits0References3
Prion
Prionadded 2018/06/15 2:29 p.m.8 views

Design/Logic Flaw

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...

6.5CVSS8.5AI score0.00524EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2018/06/15 2:29 p.m.15 views

CVE-2018-12457

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...

8.8CVSS8.8AI score
Exploits0References3
CVE
CVEadded 2018/06/15 2:0 p.m.33 views

CVE-2018-12457

CVE-2018-12457 affects Express-Cart up to version 1.1.6. A remote attacker can create an admin user by exploiting a Referer header to /admin/setup, enabling unauthorized admin account creation. Descriptions across multiple sources confirm the same issue; no explicit exploit details beyond the hea...

8.8CVSS8.5AI score0.00524EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2018/06/15 2:0 p.m.10 views

CVE-2018-12457

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...

8.6AI score0.00524EPSS
Exploits0References3
Rows per page
Query Builder