Lucene search
K

91 matches found

Cvelist
Cvelist
added 2026/05/25 2:15 p.m.26 views

CVE-2018-25371 mooSocial Store Plugin 2.6 SQL Injection via product parameter

mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...

8.8CVSS0.00348EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/25 2:15 p.m.10 views

CVE-2018-25371 mooSocial Store Plugin 2.6 SQL Injection via product parameter

mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References4
CVE
CVE
added 2026/05/25 2:15 p.m.22 views

CVE-2018-25371

The CVE-2018-25371 entry concerns mooSocial Store Plugin 2.6 with a blind SQL injection in the product parameter of the URL rewrite functionality. The vulnerability allows unauthenticated attackers to manipulate queries, enabling boolean-based blind, time-based blind, or stacked query techniques ...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/25 2:15 p.m.10 views

CVE-2018-25371

mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/25 2:15 p.m.12 views

EUVD-2018-21892

mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.8 views

mooSocial Store Plugin SQL注入漏洞

mooSocial Store Plugin is a social e-commerce extension plugin from mooSocial. A SQL injection vulnerability exists in mooSocial Store Plugin version 2.6, which stems from a blind SQL injection via the product parameter in the URL rewriting feature, which could lead to database query manipulation...

8.8CVSS5.8AI score0.00348EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.13 views

PT-2026-43223

mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:12 a.m.10 views

CVE-2016-10992

The music-store plugin before 1.0.43 for WordPress has XSS via the wp-admin/admin.php?page=music-store-menu-reports fromyear parameter...

6.1CVSS6AI score0.01623EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-1983

Malware in sbrugna...

6.1CVSS6.3AI score0.01623EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-22267

Malicious code in bioql PyPI...

4.4CVSS6.5AI score0.0022EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-50726

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.00431EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-49894

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00345EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-22477

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.01266EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-26819

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2025/08/16 6:15 a.m.5 views

CVE-2025-8113

The Ebook Store WordPress plugin before 5.8015 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.1CVSS0.00207EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/16 6:0 a.m.4 views

CVE-2025-8113 Ebook Store < 5.8015 - Reflected XSS via $_SERVER['REQUEST_URI']

The Ebook Store WordPress plugin before 5.8015 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

6.4AI score0.00207EPSS
Exploits1References1
CVE
CVE
added 2025/08/16 6:0 a.m.29 views

CVE-2025-8113

CVE-2025-8113 affects the Ebook Store WordPress plugin (versions before 5.8015). The issue is a Reflected Cross-Site Scripting vulnerability where the plugin does not escape the $_SERVER['REQUEST_URI'] when outputting it into an HTML attribute, enabling a crafted URL to inject scripts in vulnerab...

6.1CVSS5.9AI score0.00207EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/08/16 12:0 a.m.2 views

WordPress plugin Ebook Store 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.1CVSS6.1AI score0.00207EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/08/14 10:34 a.m.3 views

CVE-2025-54702 WordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in motov.net Ebook Store allows Cross Site Request Forgery. This issue affects Ebook Store: from n/a through 5.8013...

4.3CVSS7.2AI score0.00123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/26 4:31 a.m.11 views

CVE-2025-7437

The Ebook Store plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ebookstoresaveform function in all versions up to, and including, 5.8012. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...

9.8CVSS7.6AI score0.01266EPSS
Exploits0References1
Rows per page
Query Builder