CVE-2025-40679
- EPSS 0.07%
- Veröffentlicht 20.01.2026 11:53:39
- Zuletzt bearbeitet 26.01.2026 15:05:23
HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/category_product_search', affecting the 'product_name' parameter.
CVE-2021-47769
- EPSS 0.01%
- Veröffentlicht 15.01.2026 15:52:10
- Zuletzt bearbeitet 26.01.2026 16:15:55
Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potenti...
CVE-2025-13239
- EPSS 0.08%
- Veröffentlicht 16.11.2025 06:15:43
- Zuletzt bearbeitet 20.11.2025 20:59:13
A security vulnerability has been detected in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution 5. Affected by this issue is some unknown functionality of the file /submit_checkout. Such manipulation of the argument order_total_am...
CVE-2025-13186
- EPSS 0.04%
- Veröffentlicht 14.11.2025 21:32:05
- Zuletzt bearbeitet 21.11.2025 22:31:03
A weakness has been identified in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution up to 4.0. This impacts an unknown function of the file /dashboard/Ccustomer/manage_customer. This manipulation of the argument Search causes cros...