CVE-2013-6295

PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module...

EUVD-2013-6121

Malware in sbrugna...

EUVD-2018-6314

Malware in sbrugna...

Code-Projects Pharmacy Management System SQL注入漏洞

Code-Projects Pharmacy Management System is a Code-Projects open source pharmacy management system. Code-Projects Pharmacy Management System version 1.0 suffers from a SQL injection vulnerability that originates from the parameter id of the file /index.php?action=editSalesman that can lead to SQL...

PT-2024-38835 · Code Projects · Code-Projects Pharmacy Management System

Name of the Vulnerable Software and Affected Versions: code-projects Pharmacy Management System version 1.0 Description: A critical vulnerability has been found in the code-projects Pharmacy Management System. This issue affects the file /index.php?action=editSalesman and is related to the...

GHSA-XX67-2J3V-H76P PrestaShop PHP Object Injection

In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role with the rights of at least a Salesman or higher privileges. The attacker can then inject arbitrary PHP objects into the process and abuse an object chain in order to...

CVE-2013-6295

PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module...

Privilege escalation

PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module...

CVE-2013-6295

PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module...

CVE-2013-6295

CVE-2013-6295 affects PrestaShop 1.5.5, enabling privilege escalation through a Salesman account via the upload module. The Red Hat advisory echoes the same description. The available documents do not provide additional technical details such as affected file paths, exact root cause, vulnerable c...

CVE-2018-20717

In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role with the rights of at least a Salesman or higher privileges. The attacker can then inject arbitrary PHP objects into the process and abuse an object chain in order to...

Creme CRM Cross-Site Scripting Vulnerability

Creme CRM is a customer relationship management system. The system features sales automation, customer service and sending and receiving e-mail. A cross-site scripting vulnerability exists in the salesman creation page in Creme CRM version 1.6.12, which can be exploited by remote attackers to...

CVE-2018-14396

An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...

Cross site scripting

An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...

CVE-2018-14396

An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...

CVE-2018-14396

An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...