Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-66845 | 1 Nooncarlett | 1 Techstore | 2026-01-05 | N/A | 6.1 MEDIUM |
| A reflected Cross-Site Scripting (XSS) vulnerability has been identified in TechStore version 1.0. The user_name endpoint reflects the id query parameter directly into the HTML response without output encoding or sanitization, allowing execution of arbitrary JavaScript code in a victim’s browser. | |||||
| CVE-2025-63543 | 1 Nooncarlett | 1 Techstore | 2025-11-21 | N/A | 6.1 MEDIUM |
| TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q parameter. | |||||
| CVE-2025-63544 | 1 Nooncarlett | 1 Techstore | 2025-11-21 | N/A | 6.1 MEDIUM |
| TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter. | |||||