Show filters
378 Total Results
Displaying 271-280 of 378
Sort by:
Attacker Value
Unknown
CVE-2017-17954
Disclosure Date: December 28, 2017 (last updated November 26, 2024)
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter.
0
Attacker Value
Unknown
CVE-2017-17951
Disclosure Date: December 28, 2017 (last updated November 26, 2024)
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.
0
Attacker Value
Unknown
CVE-2017-17952
Disclosure Date: December 28, 2017 (last updated November 26, 2024)
PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address.
0
Attacker Value
Unknown
CVE-2017-17955
Disclosure Date: December 28, 2017 (last updated November 26, 2024)
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the shopping-cart.php cusid parameter.
0
Attacker Value
Unknown
CVE-2017-17629
Disclosure Date: December 13, 2017 (last updated November 26, 2024)
Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter.
0
Attacker Value
Unknown
CVE-2017-17624
Disclosure Date: December 13, 2017 (last updated November 26, 2024)
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.
0
Attacker Value
Unknown
CVE-2017-17610
Disclosure Date: December 13, 2017 (last updated November 26, 2024)
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
0
Attacker Value
Unknown
CVE-2017-7723
Disclosure Date: April 24, 2017 (last updated November 26, 2024)
XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the e-mail subject or body.
0
Attacker Value
Unknown
CVE-2016-10112
Disclosure Date: January 04, 2017 (last updated November 25, 2024)
Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.6.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML by providing crafted tax-rate table values in CSV format.
0
Attacker Value
Unknown
CVE-2015-7231
Disclosure Date: September 17, 2015 (last updated October 05, 2023)
The Commerce Commonwealth (CBA) module 7.x-1.x before 7.x-1.5 for Drupal does not properly validate payments, which allows remote attackers to make a failed payment appear valid via a crafted URL, related to a "response from commweb."
0
