Lucene search
+L

153 matches found

Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.13 views

PT-2026-35823

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function save user of the file /admin/ajax.php?action=save user. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

4.8CVSS3.1AI score0.00202EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.7 views

PT-2026-35822

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save order of the file /admin/ajax.php?action=save order. Performing a manipulation of the argument first name results in cross site scripting. Remote exploitation of the attack is possible. The...

4.8CVSS3.5AI score0.00202EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.7 views

PT-2026-35705

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function get cart items of the file /admin/ajax.php?action=get cart items. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has bee...

6.5CVSS6.5AI score0.0025EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.7 views

PT-2026-35712

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function save category of the file /admin/ajax.php?action=save category. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote. The exploit has been...

6.5CVSS6.2AI score0.002EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.11 views

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability. This vulnerability stems from the ID parameter in the getcartcount function of the...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.12 views

SourceCodester Pizzafy Ecommerce System 跨站脚本漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a cross-site scripting vulnerability. This vulnerability arises from the parameter Name in the saveuser function in the file...

4.8CVSS5.6AI score0.00202EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/07 12:0 a.m.8 views

mall 授权问题漏洞

Mall is a set of e-commerce systems developed by Macro Personal Developers, including a front-end shopping mall system and a back-end management system. Versions of Mall 1.0.3 and earlier had authorization issues and vulnerabilities. These vulnerabilities stemmed from authentication flaws in the...

9.8CVSS5.8AI score0.00615EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/10/28 3:59 p.m.3 views

CVE-2025-12291

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS6.2AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/27 3:32 p.m.12 views

CVE-2025-12291 ashymuzuro Full-Ecommece-Website/Muzuro Ecommerce System Add Product index.php unrestricted upload

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS0.00276EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/08 12:0 a.m.4 views

mall 安全漏洞

mall is an e-commerce system for macro individual developers, including the front-end mall system and the back-end management system. A security vulnerability exists in mall 1.0.3 and earlier versions, which stems from an issue with the transmission of sensitive information in clear text...

6.3CVSS4.6AI score0.00368EPSS
Exploits1References6
Snyk
Snyk
added 2025/07/14 3:45 a.m.6 views

Cross-site Scripting (XSS)

Overview shopxo/shopxo is an e-commerce system. Affected versions of this package are vulnerable to Cross-site Scripting XSS via multiple pages when handling the lang or systemtype arguments. An attacker can inject and execute arbitrary scripts in the context of a user's browser by supplying...

6.1CVSS5.6AI score0.00324EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.13 views

mall 安全漏洞

mall is an e-commerce system for macro individual developers, including a frontend mall system and a backend management system. A security vulnerability exists in mall version 1.0.3 and earlier versions, which stems from allowing the use of default encryption keys...

8.1CVSS5.3AI score0.00696EPSS
Exploits0References4
OSV
OSV
added 2024/08/23 12:15 a.m.7 views

CVE-2024-8089

A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack...

9.8CVSS5.5AI score0.00697EPSS
Exploits1References5
OSV
OSV
added 2024/08/22 11:15 p.m.5 views

CVE-2024-8086

A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ecommerce/admin/login.php of the component Admin Login. The manipulation of the argument useremail leads to sql injection. The attack can be...

9.8CVSS5.8AI score0.00689EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/22 12:0 a.m.7 views

SourceCodester E-Commerce System SQL注入漏洞

SourceCodester E-Commerce System is an e-commerce system from SourceCodester Inc. SourceCodester E-Commerce System version 1.0 suffers from a SQL injection vulnerability in the useremail parameter of /ecommerce/admin/login.php of the component Admin Login page...

9.8CVSS7.8AI score0.00689EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.7 views

Verydows 跨站请求伪造漏洞

Verydows is a lightweight open source e-commerce management system developed using the PHP language. Verytops Verydows suffers from a security vulnerability that stems from the presence of a cross-site request forgery CSRF vulnerability, which allows an attacker to execute arbitrary code via a...

8.8CVSS8.3AI score0.00378EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/04/11 12:0 a.m.6 views

The vulnerability in the /ecommerce/admin/settings/setDiscount.php script of the SourceCodester E-Commerce System allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability in the ecommerce/admin/settings/setDiscount.php file of the SourceCodester E-Commerce System is related to the lack of protection for SQL query structures. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of th...

7.3CVSS6.2AI score0.00551EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/22 12:0 a.m.7 views

PT-2023-17073 · Sourcecodester · Sourcecodester E-Commerce System

Name of the Vulnerable Software and Affected Versions: SourceCodester E-Commerce System version 1.0 Description: A critical issue affects some unknown functionality of the file /ecommerce/admin/user/controller.php?action=edit of the component Username Handler. The manipulation of the USERID...

9.8CVSS6.6AI score0.00457EPSS
Exploits0References5
OSV
OSV
added 2023/03/20 10:15 a.m.4 views

CVE-2023-1507

A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ecommerce/admin/category/controller.php of the component Category Name Handler. The manipulation of the argument CATEGORY...

6.1CVSS3.8AI score0.00357EPSS
Exploits0References2
OSV
OSV
added 2023/03/20 9:15 a.m.6 views

CVE-2023-1504

A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND SELECT 6077 FROM SELECTSLEEP5dltn AND 'PhRa'='PhRa leads to sql...

8.1CVSS5.2AI score0.00608EPSS
Exploits1References2
Rows per page
Query Builder