1727 matches found
EUVD-2026-41698
A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument userid leads to sql injection. The attack can be executed remotely. The exploit is publicly...
CVE-2026-14653
SourceCodester Simple and Nice Shopping Cart Script 1.0 contains an SQL injection in /admin/mensproductdeletequery.php exposed by manipulating the user_id argument. The vulnerability is remotely exploitable (attack vector: NETWORK) with LOW to MEDIUM impacts per CVSS data: Confidentiality, Integr...
EUVD-2026-41697
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument userid causes sql injection. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-14652
The affected software is SourceCodester Simple and Nice Shopping Cart Script 1.0. A SQL injection vulnerability exists in the Admin Login component, specifically in /admin/login.php where manipulating the Username argument can compromise the system. The issue can be exploited remotely and the exp...
EUVD-2026-41696
A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit ha...
EUVD-2026-41684
A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The manipulation of the argument shoppingcart leads to...
Astra Linux – Vulnerability in Chromium
Using “after free” in the Shopping Cart in Google Chrome before version 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption through standard feature user interactions...
CVE-2026-48868
Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...
EUVD-2026-36847
Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...
CVE-2026-48868 WordPress Simple Shopping Cart plugin <= 5.2.9 - Insecure Direct Object References (IDOR) vulnerability
Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...
CVE-2026-48868
The CVE-2026-48868 entry concerns the WordPress WordPress Simple Shopping Cart plugin (versions
PT-2026-49477
Unauthenticated Insecure Direct Object References IDOR in Simple Shopping Cart = 5.2.9 versions...
WordPress Simple Shopping Cart plugin <= 5.2.9 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin Simple Shopping Cart versions = 5.2.9...
Vvveb 安全漏洞
Vvveb is a powerful and easy-to-use CMS developed by Givan’s developers, used for building websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of validation of the quantity parameter in the...
OpenMage Magento Lts(Magento) 安全漏洞
OpenMage Magento Lts Magento is an e-commerce system developed by the OpenMage organization. Versions of OpenMage Magento Lts prior to 20.17.0 contained security vulnerabilities. These vulnerabilities stemmed from defects in the authorization logic for adding shared wish lists to the shopping car...
Shopping Cart 安全漏洞
Shopping Cart is a SSH host connection management tool developed by Thijmen’s individual developer. Version 0.0.2 of Shopping Cart contains a security vulnerability, which stems from command injection in the connect function. This vulnerability could potentially allow for the execution of arbitra...
CVE-2024-53412
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...
EUVD-2023-60557
Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft malicious URLs containing script payloads in the keyword parameter of the product-variants...
CVE-2023-54362 Joomla VirtueMart Shopping-Cart 4.0.12 Reflected XSS via keyword
Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft malicious URLs containing script payloads in the keyword parameter of the product-variants...
CVE-2023-54362
Joomla VirtueMart Shopping-Cart 4.0.12 is affected by a reflected XSS in the keyword parameter of the product-variants endpoint. The vulnerability allows an attacker to craft a URL containing a script payload that, when visited by a user, executes arbitrary JavaScript in the victim’s browser and ...