Unrated severityNVD Advisory· Published Oct 1, 2019· Updated Aug 4, 2024
CVE-2019-8290
CVE-2019-8290
Description
Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected.
Affected products
1- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.openwall.com/lists/oss-security/2019/10/02/1mitremailing-listx_refsource_MLIST
- www.vapidlabs.com/advisory.phpmitrex_refsource_MISC
- www.abcprintf.com/view_download.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.