Vulnerability Database

317,018

Total vulnerabilities in the database

CVE-2025-68890

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hands01 e-shops e-shops-cart2 allows DOM-Based XSS.This issue affects e-shops: from n/a through <= 1.0.4.

  • Published: Jan 8, 2026
  • Updated: Jan 9, 2026
  • CVE: CVE-2025-68890
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

No affected software listed.