Lucene search
K

106 matches found

CNVD
CNVD
added 2023/04/11 12:0 a.m.13 views

Online Computer and Laptop Store Arbitrary File Upload Vulnerability (CNVD-2023-29392)

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 contains an arbitrary file upload vulnerability, which stems from the lack of valid validation of uploaded files in file/admin/?page=user, and can...

9.6AI score0.00893EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2023/04/11 12:0 a.m.19 views

Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29384)

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of externally entered SQL statements in the parameter...

9.2AI score0.00717EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2023/04/11 12:0 a.m.20 views

Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29388)

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter category of...

9.2AI score0.00717EPSS
Exploits1Affected Software1
CNNVD
CNNVD
added 2023/04/11 12:0 a.m.6 views

Online Computer and Laptop Store SQL注入漏洞

Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero Personal Developer. An SQL injection vulnerability exists in SourceCodester Online Computer and Laptop Store version 1.0, which stems from an improper manipulation of the parameter name that can lead to sql...

7.2CVSS6.8AI score0.00767EPSS
Exploits1References4
CNVD
CNVD
added 2023/04/11 12:0 a.m.20 views

Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29383)

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the fi...

9.9AI score0.00726EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2023/04/11 12:0 a.m.13 views

Online Computer and Laptop Store Cross-Site Scripting Vulnerability (CNVD-2023-29393)

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. A cross-site scripting vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in...

6AI score0.00611EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2023/04/10 12:0 a.m.18 views

Online Computer and Laptop Store SQL Injection Vulnerability

Online Computer and Laptop Store is an online computer and laptop sales system. Online Computer and Laptop Store is vulnerable to SQL injection, which can be exploited by attackers to perform SQL injection and steal data, among other things...

9.2AI score0.00717EPSS
Exploits1
Exploit DB
Exploit DB
added 2023/04/10 12:0 a.m.276 views

Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)

!/usr/bin/env python3 Exploit Title: Online Computer and Laptop Store 1.0 - Remote Code Execution RCE Date: 09/04/2023 Exploit Author: Matisse Beckandt Backendt Vendor Homepage:...

9.8CVSS9.7AI score0.04353EPSS
Exploits4
CVE
CVE
added 2023/04/08 11:31 a.m.56 views

CVE-2023-1960

SourceCodester Online Computer and Laptop Store 1.0 is affected by CVE-2023-1960 via SQL injection in /classes/Master.php?f=delete_category (id parameter). The issue allows remote exploitation and is classified as critical; exploit information has been disclosed publicly. Multiple sources confirm...

8.8CVSS7.8AI score0.00717EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/04/08 11:15 a.m.28 views

CVE-2023-1958

A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /classes/Master.php?f=deletesubcategory. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...

9.8CVSS7.4AI score0.00726EPSS
Exploits1References3
Prion
Prion
added 2023/04/08 11:15 a.m.18 views

Sql injection

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...

6.5CVSS9AI score0.00717EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/04/08 11:0 a.m.21 views

CVE-2023-1959 SourceCodester Online Computer and Laptop Store sql injection

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...

6.5CVSS9.2AI score0.00717EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/04/08 11:0 a.m.12 views

CVE-2023-1959 SourceCodester Online Computer and Laptop Store sql injection

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...

6.5CVSS7.8AI score0.00717EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/04/08 10:31 a.m.32 views

CVE-2023-1958 SourceCodester Online Computer and Laptop Store sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /classes/Master.php?f=deletesubcategory. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...

6.5CVSS9.9AI score0.00726EPSS
Exploits1References3
CVE
CVE
added 2023/04/08 10:31 a.m.115 views

CVE-2023-1958

CVE-2023-1958 concerns a SQL injection in SourceCodester Online Computer and Laptop Store 1.0, affecting an unknown part of /classes/Master.php?f=delete_sub_category where the id parameter is manipulated to execute arbitrary SQL. A remote attacker could exploit this vulnerability, and public disc...

9.8CVSS8.3AI score0.00726EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/04/08 10:31 a.m.111 views

CVE-2023-1957

CVE-2023-1957 affects SourceCodester Online Computer and Laptop Store v1.0. The SQL injection is triggered via the sub_category parameter in /classes/Master.php?f=save_sub_category (Subcategory Handler). Several sources describe remote exploitation, with high-severity impact on confidentiality, i...

8.8CVSS7.7AI score0.00717EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/04/08 10:15 a.m.24 views

CVE-2023-1954

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been rated as critical. This issue affects the function saveinventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. T...

8.8CVSS7.3AI score0.00717EPSS
Exploits1References3
NVD
NVD
added 2023/04/08 10:15 a.m.19 views

CVE-2023-1953

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/sales/index.php. The manipulation of the argument datestart/dateend leads to sql injection. The attack can be initiated...

8.8CVSS7.4AI score0.00717EPSS
Exploits1References3
Prion
Prion
added 2023/04/08 10:15 a.m.19 views

Sql injection

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been rated as critical. This issue affects the function saveinventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. T...

6.5CVSS8.9AI score0.00717EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/04/08 10:0 a.m.35 views

CVE-2023-1956 SourceCodester Online Computer and Laptop Store Image path traversal

A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deleteimg of the component Image Handler. The manipulation of the argument path leads to path...

5.5CVSS9AI score0.01075EPSS
Exploits1References3
Rows per page
Query Builder