10 matches found
CVE-2024-47885
The Astro web framework has a DOM Clobbering gadget in the client-side router starting in version 3.0.0 and prior to version 4.16.1. It can lead to cross-site scripting (XSS) in websites that enable Astro's client-side routing and have stored attacker-controlled scriptless HTML elements, i.e., iframe tag...
CS-Cart Security Vulnerability
CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. An attacker exploited the vulnerability to change arbitrary user account profiles via a specially crafted request...
CS-Cart Security Vulnerability
CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. A remote attacker can exploit the vulnerability to run arbitrary code...
CS-Cart Security Vulnerability
CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. A remote attacker can exploit the vulnerability to run arbitrary code...
CS-Cart Security Vulnerability
CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. A remote attacker can exploit the vulnerability to run arbitrary code...
CS-Cart Security Vulnerability
CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. A remote attacker can exploit the vulnerability to obtain sensitive information via the productdata parameter in the PDF add-on...
PT-2024-12112 · Unknown · Cs-Cart Multivendor
Name of the Vulnerable Software and Affected Versions: CS-Cart MultiVendor version 4.16.1 Description: A Directory Traversal vulnerability allows remote attackers to run arbitrary code via a crafted zip file when installing a new add-on. This issue enables attackers to potentially execute malicio...
PT-2024-12108 · Cs Cart Multivendor +1 · Pdf Add-On +1
Name of the Vulnerable Software and Affected Versions: CS-Cart MultiVendor version 4.16.1 Description: The issue allows remote attackers to obtain sensitive information via the product data parameter in the PDF Add-on. This is a Directory Traversal vulnerability, which can be exploited to access...
Security update for tumbler (moderate)
openSUSE Security Update: Security update for tumbler Announcement ID: openSUSE-SU-2022:10207-1 Rating: moderate References: 1203644 1205210 Affected Products: openSUSE Backports SLE-15-SP4 An update that contains security fixes can now be installed. Description: This update for tumbler fixes the...
CKEditor 4.0 < 4.16.1 XSS Vulnerability - Linux
CKEditor is prone to a cross-site scripting (XSS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software...