301 matches found
iScripts eSwap SQL Injection Vulnerability (CNVD-2018-10679)
iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...
Sql injection
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel...
CVE-2018-11470
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel...
CVE-2018-11470
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel...
CVE-2018-11470
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel...
CVE-2018-11470
The CVE-2018-11470 entry applies to iScripts eSwap v2.4 and describes a SQL injection vulnerability in the User Panel caused by the search.php parameter named 'Told' . The vulnerability allows arbitrary SQL commands due to unsanitized input in the user-facing search feature and is reported with a...
iScripts eSwap 'ToId' Parameter SQL Injection Vulnerability
iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can use the 'ToId' parameter to view, add, modify, or delete information in t...
iScripts eSwap SQL Injection Vulnerability (CNVD-2018-15242)
iScripts eSwap is a set of item trading software. The software supports trading with virtual currencies or directly exchanging items. A SQL injection vulnerability exists in iScripts eSwap version 2.4. A remote attacker can use the 'ToId' parameter to view, add, modify, or delete information in t...
CVE-2018-11372
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...
CVE-2018-11373
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...
Sql injection
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...
Sql injection
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...
CVE-2018-11373
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...
CVE-2018-11372
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...
CVE-2018-11373
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter...
CVE-2018-11372
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter...
CVE-2018-11373
The CVE-2018-11373 entry concerns iScripts eSwap v2.4, where a SQL injection exists in the salelistdetailed.php User Panel ToId parameter. The root cause appears to be improper handling of user-supplied ToId leading to database query manipulation. Multiple connected sources (CNVD-2018-15242, RH: ...
CVE-2018-11372
CVE-2018-11372 affects iScripts eSwap v2.4. The issue is an SQL injection in the Wishlistdetailed.php User Panel ToId parameter, caused by unsafe handling of the ToId input. The vulnerability can enable attackers to view, add, modify, or delete data in the backend database (as described across mu...
iScripts eSwap cross-site scripting vulnerability (CNVD-2018-07983)
IScripts eSwap is an item trading program from IScripts Inc. that supports the use of virtual currency or direct item exchange. The program supports the use of virtual currencies for trading or direct item exchange.User Panel is one of the user panels. A cross-site scripting vulnerability exists ...
iScripts UberforX Cross-Site Request Forgery Vulnerability
IScripts UberforX is an open source e-commerce solution from Iscripts USA. The solution has features such as inventory management, payment gateway support, and hole-in-the-ground application support.Admin Panel is one of the admin panels. A cross-site request forgery vulnerability exists in the...