Lucene search
K

68 matches found

CNVD
CNVD
added 2018/05/23 12:0 a.m.1 views

iScripts eSwap SQL Injection Vulnerability (CNVD-2018-15242)

iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can use the 'ToId' parameter to view, add, modify, or delete information in t...

9.8CVSS9.7AI score0.01202EPSS
Exploits1References1
NVD
NVD
added 2018/05/22 5:29 p.m.16 views

CVE-2018-11373

iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...

9.8CVSS9.9AI score0.01202EPSS
Exploits1References1
OSV
OSV
added 2018/05/22 5:29 p.m.4 views

CVE-2018-11373

iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...

9.8CVSS5.8AI score0.01202EPSS
Exploits1References1
Prion
Prion
added 2018/05/22 5:29 p.m.13 views

Sql injection

iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...

7.5CVSS9.8AI score0.01202EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/05/22 5:29 p.m.14 views

CVE-2018-11372

iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...

9.8CVSS9.9AI score0.01202EPSS
Exploits1References1
OSV
OSV
added 2018/05/22 5:29 p.m.4 views

CVE-2018-11372

iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...

9.8CVSS5.8AI score0.01202EPSS
Exploits1References1
Prion
Prion
added 2018/05/22 5:29 p.m.13 views

Sql injection

iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...

7.5CVSS9.8AI score0.01202EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/05/22 5:0 p.m.48 views

CVE-2018-11372

CVE-2018-11372 affects iScripts eSwap v2.4. The issue is an SQL injection in the Wishlistdetailed.php User Panel ToId parameter, caused by unsafe handling of the ToId input. The vulnerability can enable attackers to view, add, modify, or delete data in the backend database (as described across mu...

9.8CVSS9.8AI score0.01202EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/05/22 5:0 p.m.19 views

CVE-2018-11372

iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...

10AI score0.01202EPSS
Exploits1References1
CVE
CVE
added 2018/05/22 5:0 p.m.47 views

CVE-2018-11373

The CVE-2018-11373 entry concerns iScripts eSwap v2.4, where a SQL injection exists in the salelistdetailed.php User Panel ToId parameter. The root cause appears to be improper handling of user-supplied ToId leading to database query manipulation. Multiple connected sources (CNVD-2018-15242, RH: ...

9.8CVSS9.8AI score0.01202EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/05/22 5:0 p.m.20 views

CVE-2018-11373

iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...

10AI score0.01202EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/17 12:0 a.m.4 views

iScripts eSwap cross-site scripting vulnerability (CNVD-2018-07983)

IScripts eSwap is an item trading program from IScripts Inc. that supports the use of virtual currency or direct item exchange. The program supports the use of virtual currencies for trading or direct item exchange.User Panel is one of the user panels. A cross-site scripting vulnerability exists ...

6.1CVSS6AI score0.00692EPSS
Exploits1References1
Prion
Prion
added 2018/04/16 6:29 p.m.14 views

Cross site scripting

iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel...

4.3CVSS5.9AI score0.00692EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/04/16 6:29 p.m.13 views

CVE-2018-10135

iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel...

6.1CVSS6AI score0.00692EPSS
Exploits1References1
OSV
OSV
added 2018/04/16 6:29 p.m.4 views

CVE-2018-10135

iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel...

6.1CVSS5.8AI score0.00692EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/04/16 5:0 p.m.21 views

CVE-2018-10135

iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel...

6AI score0.00692EPSS
Exploits1References1
CVE
CVE
added 2018/04/16 5:0 p.m.44 views

CVE-2018-10135

iScripts eSwap v2.4 contains a Reflected Cross-Site Scripting (XSS) vulnerability in the User Panel, exploitable via the catid parameter of catwiseproducts.php. The root cause is the lack of input sanitization/reflection of user-controlled data in server responses, enabling injection of arbitrary...

6.1CVSS5.9AI score0.00692EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/04/12 12:0 a.m.2 views

iScripts eSwap SQL Injection Vulnerability

IScripts eSwap is an item trading program from IScripts Inc. that supports the use of virtual currency or direct item exchange. The program supports the use of virtual currencies to trade or directly exchange items.User Panel is one of the user panels. A SQL injection vulnerability exists in...

7.2CVSS8AI score0.01037EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/12 12:0 a.m.5 views

iScripts eSwap Cross-Site Request Forgery Vulnerability

IScripts eSwap is an item trading software from IScripts Inc. The program supports the use of virtual currencies for trading or direct item exchange.User Panel is one of the user panels. A cross-site request forgery vulnerability exists in iScripts eSwap v2.4. The vulnerability can be exploited t...

8.8CVSS6.8AI score0.00512EPSS
Exploits1References1
OSV
OSV
added 2018/04/11 8:29 p.m.3 views

CVE-2018-10050

iScripts eSwap v2.4 has SQL injection via the "registrationsettings.php" ddlFree parameter in the Admin Panel...

7.2CVSS5.8AI score0.01037EPSS
Exploits1References1
Rows per page
Query Builder