CVE-2023-4173

A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. Affected is an unknown function of the file /search/index. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this...

CVE-2025-12267

The CVE-2025-12267 affects abhicodebox ModernShop (v20250922). A flaw in the /search processing allows manipulation of the q parameter to trigger cross-site scripting. The issue can be exploited remotely and an exploit/public PoC exists. Multiple sources describe the vulnerability as a code injec...

Input validation

Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query or inject ABAP code to gain access to Backend Database. On successful exploitation the threat actor could...

CVE-2021-38176

Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query or inject ABAP code to gain access to Backend Database. On successful exploitation the threat actor could...