7 matches found
CVE-2025-11628
Affected: jimit105 Project-Online-Shopping-Website, Product Inventory Handler component, /delete.php. Issue: SQL injection via manipulated product_code argument. Impact: remote, network-accessible, exploitable without user interaction. Exploit published; rolling-release model means no version det...
Project-Online-Shopping-Website SQL注入漏洞
Project-Online-Shopping-Website is an online shopping site by the individual developer Jimit Dholakia. Project-Online-Shopping-Website suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter productcode in the file /delete.php, which could lead to a SQL...
Online Furniture Shopping Ecommerce Website 跨站脚本漏洞
Online Furniture Shopping Ecommerce Website is an online furniture shopping ecommerce website. A cross-site scripting vulnerability exists in Online Furniture Shopping Ecommerce Website, which is caused by a cross-site scripting vulnerability in the txtAddress parameter of the login.php file...
Popular shopping site leaks miners’ data in 6TB of database mess up
By Waqas The database belonging to windeln.de's production server was left exposed on a misconfigured server. This is a post from HackRead.com Read the original post: Popular shopping site leaks miners data in 6TB of database mess up...
New web skimmer steals credit card data, sends to crooks via Telegram
The digital credit card skimming landscape keeps evolving, often borrowing techniques used by other malware authors in order to avoid detection. As defenders, we look for any kind of artifacts and malicious infrastructure that we might be able to identify to protect our users and alert affected...
EC-CUBE vulnerable to information disclosure
Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a vulnerability in processing the output of error logs, which may lead to information disclosure. Gen Sato reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...
Chama Cargo cross-site scripting vulnerability
Overview Chama Cargo, a cgi program written in perl for creating shopping websites, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...