CVE-2019-25507

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers can send GET requests to index.php with malicious 'shop' values using UNION-based SQL injection t...

EUVD-2019-19733

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers can send GET requests to index.php with malicious 'shop' values using UNION-based SQL injection t...

CVE-2019-25507

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers can send GET requests to index.php with malicious 'shop' values using UNION-based SQL injection t...

CVE-2019-25507

Ashop Shopping Cart Software is affected by an SQL injection vulnerability in the index.php handler: the 'shop' parameter accepts malicious input leading to UNION-based SQL injection. This is exploitable by unauthenticated attackers and can disclose sensitive data due to the high impact on confid...

CVE-2019-25507 Ashop Shopping Cart Software Lastest SQL Injection via index.php

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers can send GET requests to index.php with malicious 'shop' values using UNION-based SQL injection t...

PT-2026-22962

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers can send GET requests to index.php with malicious 'shop' values using UNION-based SQL injection t...

Ashop Shopping Cart SQL注入漏洞

Ashop Shopping Cart is a e-commerce platform developed by the Ashop company. The Ashop Shopping Cart has a SQL injection vulnerability. This vulnerability stems from the shop parameter being subject to SQL injection attacks, which may allow unverified attackers to manipulate database queries and...

EUVD-2021-1124

Malware in sbrugna...

CVE-2020-8176

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the shop parameter on the /shopify/auth/enablecookies endpoint...

CVE-2020-8176

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the shop parameter on the /shopify/auth/enablecookies endpoint...

CVE-2020-8176

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the shop parameter on the /shopify/auth/enablecookies endpoint...

storenvy.com XSS vulnerability

Vulnerable URL: https://www.storenvy.com/shop?q=x" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 15.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 9185 VIP website status:| Yes Coordinated Disclosure Timeline: Description| Value...

Shopify: XSS on "widgets.shopifyapps.com" via "stripping" attribute and "shop" parameter

Description Shopify allows developers to embed widgets containing product info on third-party websites via "widgets.shopifyapps.com". When the widget is rendered the shop attribute is not filtered allowing any website not just Shopify shops to be specified. By providing an attacker controlled...

CVE-2008-2904

SQL injection vulnerability in shop.php in Conkurent PHPMyCart allows remote attackers to execute arbitrary SQL commands via the cat parameter...