91 matches found
CVE-2018-25371 mooSocial Store Plugin 2.6 SQL Injection via product parameter
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
CVE-2018-25371 mooSocial Store Plugin 2.6 SQL Injection via product parameter
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
CVE-2018-25371
The CVE-2018-25371 entry concerns mooSocial Store Plugin 2.6 with a blind SQL injection in the product parameter of the URL rewrite functionality. The vulnerability allows unauthenticated attackers to manipulate queries, enabling boolean-based blind, time-based blind, or stacked query techniques ...
CVE-2018-25371
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
EUVD-2018-21892
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
mooSocial Store Plugin SQL注入漏洞
mooSocial Store Plugin is a social e-commerce extension plugin from mooSocial. A SQL injection vulnerability exists in mooSocial Store Plugin version 2.6, which stems from a blind SQL injection via the product parameter in the URL rewriting feature, which could lead to database query manipulation...
PT-2026-43223
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
CVE-2016-10992
The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports fromyear parameter...
EUVD-2016-1983
Malware in sbrugna...
EUVD-2025-22267
Malicious code in bioql PyPI...
EUVD-2024-50726
Malicious code in bioql PyPI...
EUVD-2023-49894
Malicious code in bioql PyPI...
EUVD-2025-22477
Malicious code in bioql PyPI...
EUVD-2023-26819
Malicious code in bioql PyPI...
CVE-2025-8113
The Ebook Store WordPress plugin before 5.8015 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2025-8113 Ebook Store < 5.8015 - Reflected XSS via $_SERVER['REQUEST_URI']
The Ebook Store WordPress plugin before 5.8015 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2025-8113
CVE-2025-8113 affects the Ebook Store WordPress plugin (versions before 5.8015). The issue is a Reflected Cross-Site Scripting vulnerability where the plugin does not escape the $_SERVER['REQUEST_URI'] when outputting it into an HTML attribute, enabling a crafted URL to inject scripts in vulnerab...
WordPress plugin Ebook Store 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-54702 WordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in motov.net Ebook Store allows Cross Site Request Forgery. This issue affects Ebook Store: from n/a through 5.8013...
CVE-2025-7437
The Ebook Store plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ebookstoresaveform function in all versions up to, and including, 5.8012. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...