Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e-commerce vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2004-2123
Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote malicious users to inject arbitrary web script or HTML via the (1) level parameter of productdetail.asp, (2) searchKey parameter of searchresults.asp, and possibly (3) level pa...
Nextplace E-commerce Asp Engine
5
CVSSv2
CVE-2021-28110
/exec in TranzWare e-Commerce Payment Gateway (TWEC PG) prior to 3.1.27.5 had a vulnerability in its XML parser.
Compassplus Tranzware E-commerce Payment Gateway
4.3
CVSSv2
CVE-2021-28126
index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) prior to 3.1.27.5 had a Stored cross-site scripting (XSS) vulnerability
Compassplus Tranzware E-commerce Payment Gateway
4.3
CVSSv2
CVE-2006-0534
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in CyberShop Ultimate E-commerce allow remote malicious users to inject arbitrary web script or HTML via the (1) ortak or (2) kat parameter.
Cybershop Asp Ultimate E-commerce Script
1 EDB exploit
7.5
CVSSv2
CVE-2006-5777
Creasito E-Commerce Content Manager 1.3.08 allows remote malicious users to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) bgcolor.php, (6) cancartcat....
Creasito Creasito E-commerce Content Manager
1 EDB exploit
5
CVSSv2
CVE-2015-5468
Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin prior to 2.6 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter to includes/download.php.
Wpshopstyling Wp E-commerce Shop Styling
1 EDB exploit
3.5
CVSSv2
CVE-2006-4360
Cross-site scripting (XSS) vulnerability in E-commerce 4.7 for Drupal before file.module 1.37.2.4 (20060812) allows remote authenticated users with the "create products" permission to inject arbitrary web script or HTML via unspecified vectors.
Drupal Drupal E-commerce Module 4.7
7.5
CVSSv2
CVE-2007-0232
PHP remote file inclusion vulnerability in routines/fieldValidation.php in Jshop Server 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the jssShopFileSystem parameter.
Jshop E-commerce Jshop Server 1.3
1 EDB exploit
6.8
CVSSv2
CVE-2006-5960
Multiple cross-site scripting (XSS) vulnerabilities in account_login.asp in A+ Store E-Commerce allow remote malicious users to inject arbitrary web script or HTML via the (1) username (txtUserName) and (2) password (txtPassword) parameters. NOTE: portions of these details are ob...
Web Inhabit A\\+ Store E-commerce
7.5
CVSSv2
CVE-2006-4969
Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce Pie Cart Pro allow remote malicious users to execute arbitrary PHP code via a URL in the Inc_Dir parameter in (1) affiliates.php, (2) orders.php, (3) events.php, (4) index.php, (5) articles.php, (6) faqs.php, (...
Wahm E-commerce Pie Cart Pro
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »