Quick.Cart is vulnerable to Cross-Site Request Forgery in product creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST
QuickCMS is vulnerable to Cross-Site Request Forgery in article creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST re
Quick.Cart is vulnerable to reflected XSS via the sSort parameter. An attacker can craft a malicious URL which, when opened, results in arbitrary JavaScript execution in the victim’s browser.
The ven
Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafted HTTP request.
Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating
QuickCMS is vulnerable to Cross-Site Request Forgery in page deletion functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST reque
In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user editing page.
The vendor was notified early about this vulnerability, b
Cross Site Scripting (XSS) vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the product_data parameter of add/edit product in the administration interface.
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain sensitive information via the product_data parameter in the PDF Add-on.
Cross-Site Request Forgery (CSRF) vulnerability in usamafarooq Woocommerce Gifts Product woo-gift-product allows Cross Site Request Forgery.This issue affects Woocommerce Gifts Product: from n/a throu
The Inquiry Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.2. This is due to missing nonce verification in the rd_ic_settings_page func
Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search
Cross-Site Request Forgery (CSRF) vulnerability in artiosmedia Product Code for WooCommerce product-code-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Code for WooCommer
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' and 'wp_cart_display_product' shortcodes in all versions up to, a
Cross-Site Scripting vulnerability in OpenCart versions prior to 4.1.0. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL u
Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce Support System allows Cross Site Request Forgery.This issue affects Woocommerce Support System: from n/a through 1.2.2.
Cross-Site Request Forgery (CSRF) vulnerability in fullworks Quick Paypal Payments quick-paypal-payments allows Cross Site Request Forgery.This issue affects Quick Paypal Payments: from n/a through <=
Cross-Site Request Forgery (CSRF) vulnerability in Streamline CartBounty – Save and recover abandoned carts for WooCommerce woo-save-abandoned-carts allows Cross Site Request Forgery.This issue affect
Cross-Site Request Forgery (CSRF) vulnerability in impleCode Product Catalog Simple post-type-x.This issue affects Product Catalog Simple: from n/a through <= 1.8.4.
OpenCart 3.0.3.6 contains a cross-site request forgery vulnerability in the /account/edit endpoint that allows unauthenticated attackers to modify victim account details by tricking users into visitin
Page 1+ Next →