Lucene search
K

128 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56070

Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...

9.3CVSS0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.38 views

CVE-2026-56070 WordPress Advance Product Search plugin <= 1.4.4 - SQL Injection vulnerability

Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...

9.3CVSS0.00236EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.7 views

EUVD-2026-39723

Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.12 views

CVE-2026-56070

WordPress Advance Product Search plugin (

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.7 views

CVE-2026-42664

Unauthenticated Broken Access Control in AI Product Search for WooCommerce Motive Commerce Search = 1.38.2 versions...

8.2CVSS0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.29 views

CVE-2026-42664 WordPress AI Product Search for WooCommerce – Motive Commerce Search plugin <= 1.38.2 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in AI Product Search for WooCommerce Motive Commerce Search = 1.38.2 versions...

8.2CVSS0.00254EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.16 views

CVE-2026-42664

CVE-2026-42664 affects the WordPress plugin AI Product Search for WooCommerce – Motive Commerce Search, version

8.2CVSS5.1AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:18 p.m.8 views

EUVD-2026-36829

Unauthenticated Broken Access Control in AI Product Search for WooCommerce Motive Commerce Search = 1.38.2 versions...

8.2CVSS5.1AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.9 views

PT-2026-49455

Unauthenticated Broken Access Control in AI Product Search for WooCommerce Motive Commerce Search = 1.38.2 versions...

8.2CVSS5.1AI score0.00254EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/28 8:13 p.m.11 views

CVE-2026-42877

FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales Core/Lib/AjaxForms/SalesModalHTML.php and purchases documents Core/Lib/AjaxForms/PurchasesModalHTML.php. An...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 8:16 p.m.14 views

CVE-2026-42877

FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales Core/Lib/AjaxForms/SalesModalHTML.php and purchases documents Core/Lib/AjaxForms/PurchasesModalHTML.php. An...

5.4CVSS0.00165EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 6:37 p.m.9 views

EUVD-2026-32630

FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales Core/Lib/AjaxForms/SalesModalHTML.php and purchases documents Core/Lib/AjaxForms/PurchasesModalHTML.php. An...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 6:37 p.m.11 views

CVE-2026-42877

FacturaScripts is an open source accounting and invoicing software. In 2025.92 and earlier, a stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales Core/Lib/AjaxForms/SalesModalHTML.php and purchases documents Core/Lib/AjaxForms/PurchasesModalHTML.php. An...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

FacturaScripts 跨站脚本漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.92 contained a cross-site scripting vulnerability. This vulnerability stemmed from a stored-cross-site scripting vulnerability present in the product search moda...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/09 5:36 a.m.7 views

WordPress AI Product Search for WooCommerce – Motive Commerce Search plugin <= 1.38.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Benedictus Jovan aillesim/eneri in WordPress Plugin AI Product Search for WooCommerce Motive Commerce Search versions = 1.38.2...

5.8AI score0.00254EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.20 views

PT-2026-38615

Summary A stored Cross-Site Scripting XSS vulnerability exists in the product search modal of sales and purchases documents. An authenticated user with access to the warehouse module can create a product with a malicious reference that executes arbitrary JavaScript in the browser of any other use...

5.4CVSS6.1AI score0.00165EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/25 6:45 p.m.7 views

SQL Injection

Overview opencart/opencart is a shopping cart system Affected versions of this package are vulnerable to SQL Injection via the search parameter. An attacker can manipulate database queries and extract sensitive information by injecting malicious SQL code through crafted GET requests to the produc...

8.8CVSS6AI score0.00338EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2024-55504

OpenCart Core 4.0.2.3 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'search' parameter. Attackers can send GET requests to the product search endpoint with malicious 'search' values to extract sensitiv...

8.8CVSS6AI score0.00338EPSS
Exploits1References5
NVD
NVD
added 2026/03/25 4:16 p.m.5 views

CVE-2024-58341

OpenCart Core 4.0.2.3 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'search' parameter. Attackers can send GET requests to the product search endpoint with malicious 'search' values to extract sensitiv...

8.8CVSS0.00338EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-27786

Name of the Vulnerable Software and Affected Versions OpenCart Core version 4.0.2.3 Description The software contains a SQL injection flaw that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL code through the search parameter. This is achieved by sending...

8.8CVSS6AI score0.00338EPSS
Exploits1References7
Rows per page
Query Builder