3 matches found
CVE-2025-10032
CVE-2025-10032 – Campcodes Grocery Sales and Inventory System 1.0 has a cross-site scripting flaw in the unknown function of the file /index.php. Manipulating the page parameter allows remote script execution; the exploit is publicly available. Multiple connected sources corroborate the same issu...
SUSE CVE-2019-13709
Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page...
CVE-2017-14622
Multiple cross-site scripting XSS vulnerabilities in the 2kb Amazon Affiliates Store plugin before 2.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 page parameter or 2 kbAction parameter in the kbAmz page to wp-admin/admin.php...