15 matches found
CVE-2023-45854
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function...
EUVD-2020-13295
Malware in sbrugna...
CVE-2020-20508
Shopkit v2.7 contains a reflective cross-site scripting XSS vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field...
CVE-2023-45854
CVE-2023-45854 affects Shopkit 1.0. It is a business logic vulnerability allowing an attacker to add products with negative quantities to the cart through the qtd parameter in the add-to-cart function. Impact described as cart manipulation with negative quantities; no official patch/version remed...
Shopkit 安全漏洞
Shopkit is an open source Kirby Cms version 2 integrated commerce solution by Sam Nabi, an individual developer in Canada. A security vulnerability exists in Shopkit version 1.0. An attacker exploited the vulnerability to add a negative number of items to the shopping cart via the qtd parameter i...
PT-2024-13293 · Shopkit · Shopkit
Name of the Vulnerable Software and Affected Versions: Shopkit version 1.0 Description: A Business Logic issue allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function. Recommendations: For Shopkit version 1.0, as a tempora...
CVE-2023-45854
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function...
CVE-2023-45854
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function...
Shopkit Cross-Site Scripting Vulnerability
Shopkit is an open source Kirby Cms version 2 integrated commerce solution from the Canadian personal developer Sam Nabi.Shopkit version 2.7 contains a cross-site scripting vulnerability that could be exploited by attackers to hijack user credentials via a carefully crafted payload in an email te...
CVE-2020-20508
Shopkit v2.7 contains a reflective cross-site scripting XSS vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field...
CVE-2020-20508
Shopkit v2.7 contains a reflective cross-site scripting XSS vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field...
Cross site scripting
Shopkit v2.7 contains a reflective cross-site scripting XSS vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field...
CVE-2020-20508
Shopkit v2.7 contains a reflective cross-site scripting XSS vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field...
CVE-2020-20508
Shopkit v2.7 contains a reflective XSS in the /account/register flow. The vulnerability stems from unsanitized input in the E‑Mail text field, allowing an attacker to craft payloads that hijack user credentials. Affected component: Shopkit account registration. Root cause: inadequate input saniti...
Shopkit 跨站脚本漏洞
Shopkit is an open source Kirby Cms version 2 integrated commerce solution from the Canadian personal developer Sam Nabi.Shopkit version 2.7 contains a cross-site scripting vulnerability that could be exploited by attackers to hijack user credentials via a carefully crafted payload in an email te...