CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id parameter before using it in a SQL statement when editing a product via the admin dashboard, leading to an SQL Injection...

4CVSS7AI score0.00198EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 9:28 a.m.•3 views

CVE-2015-2244

Multiple cross-site scripting XSS vulnerabilities in Webshop hun 1.062S allow remote attackers to inject arbitrary web script or HTML via the 1 param, 2 center, 3 lap, 4 termid, or 5 nyelvid parameter to index.php...

4.3CVSS6AI score0.00254EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:21 a.m.•4 views

CVE-2015-2242

Multiple SQL injection vulnerabilities in Webshop hun 1.062S allow remote attackers to execute arbitrary SQL commands via the 1 termid or 2 nyelvid parameter to index.php...

7.5CVSS8.9AI score0.00326EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:48 a.m.•4 views

CVE-2015-2243

Directory traversal vulnerability in Webshop hun 1.062S allows remote attackers to have unspecified impact via directory traversal sequences in the mappa parameter to index.php...

7.5CVSS7.4AI score0.0042EPSS

Exploits0References1

Packet Storm•added 2024/10/07 12:0 a.m.•279 views

Gambio Online Webshop 4.9.2.0 Code Injection

============================================================================================================================================= | Title : Gambio Online Webshop 4.9.2.0 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score

Exploits0

0day.today•added 2024/04/23 12:0 a.m.•660 views

Gambio Online Webshop 4.9.2.0 Remote Code Execution Exploit

A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an...

9.8CVSS10AI score0.67111EPSS

Exploits4

Packet Storm•added 2024/04/23 12:0 a.m.•372 views

Gambio Online Webshop 4.9.2.0 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability', 'Description' = %q A Remote Code Execution vulnerability in Gambio onli...

9.8CVSS9.7AI score0.67111EPSS

Exploits4

Metasploit•added 2024/04/19 7:51 p.m.•594 views

Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability

A Remote Code Execution vulnerability in Gambio online webshop version 4.9.2.0 and lower allows remote attackers to run arbitrary commands via unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an...

9.8CVSS9.8AI score0.67111EPSS

Exploits4

Openbugbounty•added 2024/04/04 1:56 p.m.•4 views

webshop.fraisa.de Cross Site Scripting vulnerability OBB-3902188

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by