CVE-2023-43734

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-5112

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "specialstypename1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43728

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "stockdeliverytermstext1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43727

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "stockindicationtext1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43724

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "derb6zmklgtjuhh2cn5chn2qjbm2stgmfa4.oastify.comscription1name" parameter, potentially leading to unauthorized execution of scripts within a user's web...

CVE-2023-43721

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "PACKINGSLIPSSUMMARYTITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43718

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCHENABLETITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43723

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "ordersstatusname1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

Cross site scripting

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "zonename" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

Cross site scripting

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCHHIGHLIGHTENABLETITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43725

CVE-2023-43725 affects OsCommerce (noted as OsCommerce 4.12.56860 in CVE records). It is a Cross‑Site Scripting (XSS) flaw that allows an attacker to inject JavaScript through the parameter orders_products_status_name_long[1], potentially resulting in unauthorized script execution in a user’s bro...

CVE-2023-43714

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "SKIPCARTPAGETITLE1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43713

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability, which allows attackers to inject JS via the "title" parameter, in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser...

CVE-2023-43712

Os Commerce (affected: web app) has a Cross-Site Scripting (XSS) vulnerability via the access_levels_name parameter. Root cause: improper sanitization of input leading to injected JavaScript in user browsers. Impact per sources: potential script execution in a user session; CVSSv3.1 base score 5....

CVE-2023-43711

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "adminfirstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43705

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "translationvalue1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43704

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43706

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "emailtemplateskey" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43703

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "productinfoname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...