Lucene search
K

4 matches found

Veracode
Veracode
added 2025/10/28 11:4 a.m.5 views

Cross-site Scripting

com.liferay.commerce.order.web is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient input validation and output encoding due to the Account “Name” text field accepting unneutralized input; an attacker can inject a crafted payload into that field which is stored and...

5.4CVSS5.9AI score0.002EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 5:40 a.m.6 views

CVE-2023-0966

A vulnerability classified as problematic was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=orders/vieworder. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotel...

8.8CVSS6.2AI score0.00776EPSS
Exploits1References1
myhack58
myhack58
added 2013/07/31 12:0 a.m.20 views

ecshop the goods_attr and goods_attr_id two secondary injection vulnerability detailed analysis-vulnerability warning-the black bar safety net

A: goodsattrid secondary injection ! 2 0 1 3 0 7 3 0 1 5 2 7 4 9 1 Injection use process: 1. Add items to your cart, write the injection code to product attribute id http://localhost/test/ecshop/flow.php?step=addtocart POST: goods="quick":1,"spec":"1 6 3","1 5 8'","goodsid":3...

7.6AI score
Exploits0
Prion
Prion
added 2008/04/23 1:5 p.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Ubercart 5.x before 5.x-1.0-rc1 module for Drupal allow remote attackers to inject arbitrary web script or HTML via text fields intended for the 1 address and 2 order information, which are later displayed on the order view page and...

4.3CVSS6AI score0.01022EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder