32 matches found
CVE-2021-47856
Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content...
CVE-2021-47856
Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content...
NetArt Media Easy Cart Shopping Cart 跨站脚本漏洞
NetArt Media Easy Cart Shopping Cart is a lightweight PHP e-commerce shopping system developed by NetArt Media in Bulgaria. The 2021 version of NetArt Media Easy Cart Shopping Cart contains a cross-site scripting vulnerability. This vulnerability stems from the non-persistent cross-site scripting...
PT-2026-5552
Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content...
EUVD-2024-29902
Malicious code in bioql PyPI...
CVE-2025-9431 mtons mblog search cross site scripting
A flaw has been found in mtons mblog up to 3.5.0. Impacted is an unknown function of the file /search. This manipulation of the argument kw causes cross site scripting. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-9431
The CVE-2025-9431 entry concerns mtons mblog up to version 3.5.0. The vulnerability affects the /search function, where manipulation of the kw argument enables cross-site scripting. The issue can be exploited remotely, and exploits have been published. Public sources in the connected documents (e...
JPACookieShop 跨站脚本漏洞
JPACookieShop is a cake mall platform software by Jerryshensjf individual developer. JPACookieShop cross-site scripting vulnerability, the vulnerability stems from the file GoodsCustController.java function goodsSearch parameter keyword leads to cross-site scripting...
Code-Projects Responsive Blog 代码注入漏洞
Code-Projects Responsive Blog is an open source responsive blog by Code-Projects. A code injection vulnerability exists in Code-Projects Responsive Blog version 1.0, which stems from cross-site scripting due to incorrect manipulation of the parameter keyword in the file /search.php...
CVE-2025-6083
In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...
CVE-2024-32080
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect: from n/a through 1.0...
Search Keyword Redirect <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The Search Keyword Redirect plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2024-32080
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect: from n/a through 1.0...
CVE-2024-32080 WordPress Search Keyword Redirect plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect: from n/a through 1.0...
CVE-2024-32080 WordPress Search Keyword Redirect plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect: from n/a through 1.0...
CVE-2024-32080
CVE-2024-32080 is a Stored XSS in the WordPress plugin Search Keyword Redirect (Nick Pelton). The issue is described as Improper Neutralization of Input During Web Page Generation in the plugin, affecting versions from n/a through 1.0. No exploit details or patches are provided in the connected d...
WordPress Search Keyword Redirect plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin Search Keyword Redirect versions = 1.0...
PT-2024-24385 · Unknown · Search Keyword Redirect
Name of the Vulnerable Software and Affected Versions: Search Keyword Redirect versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For...
WordPress Search Keyword Redirect Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software Search Keyword Redirect Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32080 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9a5522e4a000 Credits Sharanabasappa Required privilege...
WordPress Plugin Search Keyword Redirect 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress Plugin Search Keyword Redirect A cross-si...