2 matches found
Craft Commerce SQL注入漏洞
Craft Commerce is an e-commerce platform developed under the open-source Craft CMS framework. Versions of Craft Commerce 5.5.4 and earlier contain a SQL injection vulnerability. This vulnerability stems from bypassing input cleaning filters for the ProductQuery::hasVariant and...
PT-2006-5707 · Maxdev · Maxdev Md-Pro
Name of the Vulnerable Software and Affected Versions: MAXdev MDPro versions prior to 1.0.76 updated before 20060918 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML. This is achieved through vectors that bypass the XSS protection...