Lucene search
K

4 matches found

CNVD
CNVD
added 2021/01/29 12:0 a.m.7 views

Newbee-mall Cross-Site Scripting Vulnerability

newbee-mall is an e-commerce system. A cross-site scripting vulnerability exists in newbee-mall 1.0, where a user only needs to write an xss payload in the address information when purchasing a product, and the vulnerability is triggered when viewing the "View Recipient Information" of the order ...

6.1CVSS6AI score0.0066EPSS
Exploits1References1
NVD
NVD
added 2021/01/26 6:15 p.m.17 views

CVE-2020-23447

newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xss payload in their address information when buying goods, which is triggered when viewing the "View Recipient Information" of this order in "Order Management Office"...

6.1CVSS6AI score0.0066EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/01/26 5:15 p.m.16 views

CVE-2020-23447

newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xss payload in their address information when buying goods, which is triggered when viewing the "View Recipient Information" of this order in "Order Management Office"...

6AI score0.0066EPSS
Exploits1References1
CVE
CVE
added 2021/01/26 5:15 p.m.48 views

CVE-2020-23447

CVE-2020-23447 affects newbee-mall 1.0 with a cross-site scripting vulnerability in shop-cart/settle. An attacker can inject an XSS payload in the address information during purchase, triggered when viewing the Order Management Office’s “View Recipient Information.” Connected CNVD/CVEs corroborat...

6.1CVSS5.9AI score0.0066EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder