CVE-2026-35262

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware component: Market Place. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Data...

EUVD-2018-8295

Malware in sbrugna...

EUVD-2022-35219

Malicious code in bioql PyPI...

EUVD-2022-33958

Malicious code in bioql PyPI...

CVE-2022-29627

An insecure direct object reference IDOR in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers...

CVE-2022-29628

A cross-site scripting XSS vulnerability in /omps/seller of Online Market Place Site v1.0 allows attackers to execute arbitrary web cripts or HTML via a crafted payload injected into the Page parameter...

CVE-2022-30003

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting XSS, allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields...

CVE-2021-20833

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate...

CVE-2022-30004

Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection...

Sql injection

Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection...

CVE-2022-30004

CVE-2022-30004 affects Sourcecodester Online Market Place Site, version 1.0, describing an unauthenticated blind SQL injection vulnerability that enables remote attackers to dump the SQL database via time-based SQL injection. Root cause is improper handling of SQL queries in the application, allo...

CVE-2022-30003

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting XSS, allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields...

CVE-2022-30003

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting XSS, allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields...

Cross site scripting

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting XSS, allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields...

CVE-2022-30003

CVE-2022-30003 affects Sourcecodester Online Market Place Site 1.0. The vulnerability is an authenticated stored XSS in the product entry workflow: attackers can register as a Seller and save new products with payloads in the Product Title and Short Description fields. Multiple sources corroborat...

CVE-2022-30003

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting XSS, allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields...

PT-2022-19963 · Unknown · Sourcecodester Online Market Place Site

Name of the Vulnerable Software and Affected Versions: Sourcecodester Online Market Place Site version 1.0 Description: The issue allows attackers to register as a Seller and then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields. This enables Cross...

PT-2022-19964 · Unknown · Sourcecodester Online Market Place Site

Name of the Vulnerable Software and Affected Versions: Sourcecodester Online Market Place Site version 1.0 Description: The issue allows remote attackers to dump the SQL database via time-based SQL injection. This is an unauthenticated blind SQL Injection, enabling attackers to access the databas...

Online Market Place Site 1.0 SQL Injection

Exploit Title: Online Market Place Site v1.0 - Unauthenticated Blind Time-Based SQL Injection Exploit Author: Joe Pollock Date: September 03, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html Software Link:...

Online Market Place Site 1.0 Cross Site Scripting

Exploit Title: Online Market Place Site v1.0 - Stored Cross-Site Scripting XSS Exploit Author: Joe Pollock Date: September 03, 2022 Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html Software Link:...