12 matches found
CVE-2025-13004
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13004
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13002
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13002 XSS in Farktor Software's E-Commerce Package
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13002 XSS in Farktor Software's E-Commerce Package
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS.This issue affects E-Commerce Package: through 27112025...
CVE-2025-13002
CVE-2025-13002 concerns an XSS in Farktor Software’s E-Commerce Package (E-Commerce Services Inc.). The issue arises from Improper Neutralization of Input During Web Page Generation and affects versions up to 27112025. The CVSS‑3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H with a base score o...
CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection.This issue affects E-Commerce Package: through 27112025...
CVE-2025-10969 SQLi in Farktor Software's E-Commerce Package
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Blind SQL Injection.This issue affects E-Commerce Package: through 27112025...
CVE-2025-10969
CVE-2025-10969 is a SQL Injection vulnerability in Farktor Software E-Commerce Package (through 27112025). The issue arises from improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. CVSS v3.1 base score is 9.8 (CRITICAL) with NETWORK attack vector, no privile...
PT-2026-7842
Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables.This issue affects E-Commerce Package: through 27112025...
PT-2026-7840
Name of the Vulnerable Software and Affected Versions Farktor Software E-Commerce Package versions through 27112025 Description The software contains an improper neutralization of special elements used in an SQL command, leading to a Blind SQL Injection issue. This allows for potential unauthoriz...
PT-2026-7841
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting XSS.This issue affects E-Commerce Package: through 27112025...