iscripts eswap CVE 漏洞(9)

CVE 数: 9 CPE versions: View versions table

摘要

本页列出影响 iscripts eswap 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。

显示 199 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2018-11470 iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel. [email protected] 8.8 1.05% 2018-05-25 2026-06-16
CVE-2018-11373 iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter. [email protected] 9.8 1.20% 2018-05-22 2026-06-16
CVE-2018-11372 iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter. [email protected] 9.8 1.20% 2018-05-22 2026-06-16
CVE-2018-10135 iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel. [email protected] 6.1 0.69% 2018-04-16 2026-06-16
CVE-2018-10050 iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel. [email protected] 7.2 1.04% 2018-04-11 2026-06-16
CVE-2018-10049 iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin Panel. [email protected] 4.8 0.55% 2018-04-11 2026-06-16
CVE-2018-10048 iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel. [email protected] 8.8 0.51% 2018-04-11 2026-06-16
CVE-2010-5036 SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. [email protected] 7.5 1.22% 2011-11-02 2026-06-16
CVE-2010-5035 Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party information. [email protected] 4.3 1.84% 2011-11-02 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence