EUVD-2018-10850

Malware in sbrugna...

EUVD-2018-12925

Malware in sbrugna...

WSTMart Product Inquiry Component Cross-Site Scripting Vulnerability

WSTMart is a set of e-commerce system of Guangzhou Shangtao Information Technology Co. A cross-site scripting vulnerability exists in the product consultation component of WSTMart version 2.0.8181212, which can be exploited by remote attackers to inject arbitrary Web script or HTML with the help ...

WSTMart 2.0.8 - Cross-Site Scripting

WSTMart 2.0.8 - Cross-Site Scripting Exploit Title: WSTMart 2.0.8 - Cross-Site Scripting Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage: https://github.com/wstmall/wstmart/ Software Link: http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE: CVE-2018-20367 0x01 stored XSS PoC Functi...

WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)

WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE...

WSTMart 2.0.8 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: WSTMart 2.0.8 - Cross-Site Scripting Exploit Author: linfeng Vendor Homepage: https://github.com/wstmall/wstmart/ Software Link: http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE: CVE-2018-20367 0x01 stored XSS PoC Functi...

WSTMart 2.0.8 - Cross-Site Scripting

Exploit Title: WSTMart 2.0.8 - Cross-Site Scripting Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage: https://github.com/wstmall/wstmart/ Software Link: http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE: CVE-2018-20367 0x01 stored XSS PoC Function point: mall some commodity details...

WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF Po...

WSTMart 2.0.8 Cross Site Scripting

Exploit Title: WSTMart 2.0.8 - Cross-Site Scripting Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage: https://github.com/wstmall/wstmart/ Software Link: http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE: CVE-2018-20367 0x01 stored XSS PoC Function point: mall some commodity details...

WSTMart 2.0.8 Cross Site Request Forgery

Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF PoC 18/5000 Function point: background...

WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)

Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE :CVE-2018-19138 0x02 CSRF PoC 18/5000 Function point: background...

Cross site scripting

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI...

CVE-2018-20367

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI...

CVE-2018-20367

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI...

CVE-2018-20367

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI...

CVE-2018-20367

CVE-2018-20367 affects WSTMart 2.0.8_181212: the product consultation component stores user-supplied data in the consultContent parameter, enabling stored cross‑site scripting via POST to index.php/home/goodsconsult/add.html (evidence via multiple sources). The vulnerability is demonstrated by XS...

WSTMart open source mall system has xss vulnerability

WSTMart open source mall is a system that can help enterprises and individuals to quickly build a community service system. WSTMart open source mall system exists xss vulnerability. Attackers can use this vulnerability to obtain sensitive information such as user cookies...

WSTMart Cross-Site Request Forgery Vulnerability

WSTMart is a set of e-commerce system of China Shangtao Information Technology Company. A cross-site request forgery vulnerability exists in WSTMart version 2.0.7. A remote attacker can exploit this vulnerability to perform unauthorized operations with the index.php/admin/staffs/add.html URI...

CVE-2018-19138

WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI...

Cross site request forgery (csrf)

WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI...