CVE-2019-25577

SeoToaster Ecommerce 3.0.0 has a local file inclusion vulnerability that lets authenticated attackers read arbitrary files by manipulating path parameters in backend_theme endpoints. Specifically, POST requests to /backend/backend_theme/editcss/ or /backend/backend_theme/editjs/ with directory tr...

PT-2026-26925

SeoToaster Ecommerce 3.0.0 contains a local file inclusion vulnerability that allows authenticated attackers to read arbitrary files by manipulating path parameters in backend theme endpoints. Attackers can send POST requests to /backend/backend theme/editcss/ or /backend/backend theme/editjs/ wi...

SeoToaster Ecommerce 路径遍历漏洞

SeoToaster Ecommerce is an integrated e-commerce platform developed by SeoToaster Inc. in the United States. Version 3.0.0 of SeoToaster Ecommerce contains a path traversal vulnerability. This vulnerability stems from the use of getcss or getjs parameters that enable local file inclusion,...

CVE-2018-9126

The DNNArticle module 11 for DNN formerly DotNetNuke allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI...

CVE-2018-9126

The DNNArticle module 11 for DNN formerly DotNetNuke allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI...