nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Blog posts functionality in the Content Management area.
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Attributes functionality.
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) in the product management functionality. Malicious payloads inserted into the "Product Name" and "Short Description" fields are stored in
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Currencies functionality.
nopCommerce 4.40.3 is vulnerable to XSS in the Product Name at /Admin/Product/Edit/[id]. Each time a user views the product in the shop, the XSS payload fires.
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks functionality.
A reflected cross-site scripted (XSS) vulnerability in the /ecommerce/products.php component of E-commerce Project v1.0 and earlier allows attackers to execute arbitrary Javascript in the context of a
SourceCodester Web-based Pharmacy Product Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in Category Management via the category name field.
Cross Site Scripting (XSS) vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the product_data parameter of add/edit product in the administration interface.
A cross-site scripting (XSS) vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted p
A stored cross-site scripting (XSS) vulnerability in October CMS Bloghub Plugin v1.3.8 and lower allows attackers to execute arbitrary web scripts or HTML via a crafted payload into the Comments secti
A Cross-site scripting (XSS) vulnerability in Create/Update Customer(s) in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the phone_number paramete
SourceCodester Company Website CMS 1.0 is vulnerable to Cross Site Scripting (XSS) via /dashboard/Services.
A vulnerability, which was classified as problematic, has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this issue is some unknown functionality. The manipulation leads to cro
Ultimate Product Catalogue 5.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the price parameter. Attackers can submit
A Cross-site scripting (XSS) vulnerability in Create/Update Item(s) Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter.
Unauthenticated Cross Site Scripting (XSS) in Min Max Step Quantity Limits Manager for WooCommerce <= 5.2.2 versions.
A Cross-site scripting (XSS) vulnerability in Create/Update Item Kit(s) in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter.
Stored cross-site scripting vulnerability exists in multiple versions of PowerCMS. If a product user accesses a malicious page, an arbitrary script may be executed on the browser.
The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the `wpcbm_best_seller` shortcode in all versions up to, and incl
Page 1+ Next →