CVE-2025-15583

Medium CVSS: 5.1

A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the function get_safe_value of the file utility/function.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Vendor

Detronetdip

Product

E-commerce

CWE

CWE-79

Yayın Tarihi

2026-02-20 17:25:09

Güncelleme

2026-02-26 03:09:55

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 E-commerce MEDIUM Detronetdip 2026

Referanslar

https://github.com/Nixon-H/PHP-Stored-XSS-Bypass-Real-Escape https://github.com/detronetdip/E-commerce/ https://github.com/detronetdip/E-commerce/issues/23 https://vuldb.com/?ctiid.346487 https://vuldb.com/?id.346487 https://vuldb.com/?submit.754033

Benzer Kayıtlar

Medium

CVE-2025-15582

A security flaw has been discovered in detronetdip E-commerce 1.0.0. The impacted element is the function Delete/Update…

Medium

CVE-2026-2164

A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the f…

Medium

CVE-2026-2165

A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/asset…