15 matches found
CVE-2026-2579
The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
EUVD-2026-12532
The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
EUVD-2009-1318
Malware in sbrugna...
CVE-2009-1320
Multiple cross-site scripting XSS vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 gridPage and 2 gridSort parameters. NOTE: some of these details are obtained from third party information...
WordPress plugin Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Ultimate Store Kit...
Better Basket Pro 3.0 Store Builder Remote Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8386/info It has been reported that Better Basket Pro BBPro Store Builder may reveal path information under some circumstances. This may result a directed attack against system resources...
DynamiXgate Affiliate Store Builder Cross Site Scripting
Vulnerability ID: HTB22362 Reference: http://www.htbridge.ch/advisory/xssindynamixgate.html Product: DynamiXgate Affiliate Store Builder Vendor: DynamiXgate Team Vulnerable Version: Current version at 2010, April Vendor Notification: 27 April 2010 Vulnerability Type: XSS Cross Site Scripting...
XSS in DynamiXgate Affiliate Store Builder
Vulnerability ID: HTB22362 Reference: http://www.htbridge.ch/advisory/xssindynamixgate.html Product: DynamiXgate Affiliate Store Builder Vendor: DynamiXgate Team Vulnerable Version: Current version at 2010, April Vendor Notification: 27 April 2010 Vulnerability Type: XSS Cross Site Scripting...
Affiliate Store Builder - edit_cms.php Multiple SQL Injections
Affiliate Store Builder - editcms.php Multiple SQL Injections source: https://www.securityfocus.com/bid/40058/info Affiliate Store Builder is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...
Cross-site Scripting (XSS) in DynamiXgate Affiliate Store Builder
High-Tech Bridge SA Security Research Lab has discovered vulnerability in DynamiXgate Affiliate Store Builder which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting vulnerability in DynamiXgate Affiliate Store Builder The vulnerability exists due to...
CVE-2009-1320
Multiple cross-site scripting XSS vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 gridPage and 2 gridSort parameters. NOTE: some of these details are obtained from third party information...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 gridPage and 2 gridSort parameters. NOTE: some of these details are obtained from third party information...
CVE-2009-1320
Multiple cross-site scripting XSS vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 gridPage and 2 gridSort parameters. NOTE: some of these details are obtained from third party information...
CVE-2009-1320
CVE-2009-1320 describes multiple cross-site scripting (XSS) vulnerabilities in include/zstore.php of Zazzle Store Builder 1.0.2. The flaws allow remote attackers to inject arbitrary web script or HTML via the gridPage and gridSort parameters. The vulnerability affects Zazzle Store Builder 1.0.2 a...
ZH2003-19SA (security advisory): BBPro Store Builder Path Disclosure
ZH2003-19SA security advisory: BBPro Store Builder Path Disclosure Published: 10 august 2003 Released: 10 august 2003 Name: BBPro Store Builder Affected Systems: current version Issue: Remote attackers can know the path of the site Author: G00db0y zone-h org Vendor:...