Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-8240

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00748EPSS
Exploits0References2
OSV
OSV
added 2021/09/17 2:15 a.m.4 views

CVE-2021-20828

Cross-site scripting vulnerability in Order Status Batch Change Plug-in for EC-CUBE 3.0 series all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.5AI score0.00748EPSS
Exploits0References2
NVD
NVD
added 2021/09/17 2:15 a.m.11 views

CVE-2021-20828

Cross-site scripting vulnerability in Order Status Batch Change Plug-in for EC-CUBE 3.0 series all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00748EPSS
Exploits0References2
CVE
CVE
added 2021/09/17 1:40 a.m.73 views

CVE-2021-20828

The CVE-2021-20828 entry concerns the EC-CUBE 3.0 series plugin “Order Status Batch Change Plug-in” by ActiveFusions. The vulnerability is a cross-site scripting (CWE-79) flaw caused by insufficient validation of client-side data, allowing a remote attacker to inject arbitrary script via unspecif...

6.1CVSS6AI score0.00748EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/09/16 5:33 a.m.3 views

EC-CUBE plugin "Order Status Batch Change Plug-in" vulnerable to cross-site scripting

Overview EC-CUBE plugin "Order Status Batch Change Plug-in" provided by ActiveFusions Co., Ltd. contains a cross-site scripting vulnerability CWE-79. An arbitrary script may be executed by conducting a specific operation on the management page of EC-CUBE. ActiveFusions Co., Ltd. reported this...

6.1CVSS6.2AI score0.00748EPSS
Exploits0References5
CNVD
CNVD
added 2018/07/09 12:0 a.m.6 views

Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2018-13453)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in the product/card.php...

9.8CVSS9.8AI score0.01918EPSS
Exploits0References1
OSV
OSV
added 2018/07/08 4:29 p.m.7 views

UBUNTU-CVE-2018-13450

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statusbatch parameter...

9.8CVSS7.7AI score0.01918EPSS
Exploits0References2
Rows per page
Query Builder