ReportizFlow
Filtered by vendor Techstore
Subscriptions
Filtered by product Techstore
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66845 | 1 Techstore | 1 Techstore | 2025-12-24 | 6.1 Medium |
| A reflected Cross-Site Scripting (XSS) vulnerability has been identified in TechStore version 1.0. The user_name endpoint reflects the id query parameter directly into the HTML response without output encoding or sanitization, allowing execution of arbitrary JavaScript code in a victim’s browser. | ||||
| CVE-2025-63543 | 2 Nooncarlett, Techstore | 2 Techstore, Techstore | 2025-11-21 | 6.1 Medium |
| TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q parameter. | ||||
| CVE-2025-63544 | 2 Nooncarlett, Techstore | 2 Techstore, Techstore | 2025-11-21 | 6.1 Medium |
| TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter. | ||||
Page 1 of 1.