106 matches found
Online Computer and Laptop Store Arbitrary File Upload Vulnerability (CNVD-2023-29392)
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 contains an arbitrary file upload vulnerability, which stems from the lack of valid validation of uploaded files in file/admin/?page=user, and can...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29384)
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of externally entered SQL statements in the parameter...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29388)
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter category of...
Online Computer and Laptop Store SQL注入漏洞
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero Personal Developer. An SQL injection vulnerability exists in SourceCodester Online Computer and Laptop Store version 1.0, which stems from an improper manipulation of the parameter name that can lead to sql...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29383)
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the fi...
Online Computer and Laptop Store Cross-Site Scripting Vulnerability (CNVD-2023-29393)
Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. A cross-site scripting vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in...
Online Computer and Laptop Store SQL Injection Vulnerability
Online Computer and Laptop Store is an online computer and laptop sales system. Online Computer and Laptop Store is vulnerable to SQL injection, which can be exploited by attackers to perform SQL injection and steal data, among other things...
Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE)
!/usr/bin/env python3 Exploit Title: Online Computer and Laptop Store 1.0 - Remote Code Execution RCE Date: 09/04/2023 Exploit Author: Matisse Beckandt Backendt Vendor Homepage:...
CVE-2023-1960
SourceCodester Online Computer and Laptop Store 1.0 is affected by CVE-2023-1960 via SQL injection in /classes/Master.php?f=delete_category (id parameter). The issue allows remote exploitation and is classified as critical; exploit information has been disclosed publicly. Multiple sources confirm...
CVE-2023-1958
A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /classes/Master.php?f=deletesubcategory. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
Sql injection
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...
CVE-2023-1959 SourceCodester Online Computer and Laptop Store sql injection
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...
CVE-2023-1959 SourceCodester Online Computer and Laptop Store sql injection
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument category leads to sql injection. The attack can be initiated...
CVE-2023-1958 SourceCodester Online Computer and Laptop Store sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file /classes/Master.php?f=deletesubcategory. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
CVE-2023-1958
CVE-2023-1958 concerns a SQL injection in SourceCodester Online Computer and Laptop Store 1.0, affecting an unknown part of /classes/Master.php?f=delete_sub_category where the id parameter is manipulated to execute arbitrary SQL. A remote attacker could exploit this vulnerability, and public disc...
CVE-2023-1957
CVE-2023-1957 affects SourceCodester Online Computer and Laptop Store v1.0. The SQL injection is triggered via the sub_category parameter in /classes/Master.php?f=save_sub_category (Subcategory Handler). Several sources describe remote exploitation, with high-severity impact on confidentiality, i...
CVE-2023-1954
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been rated as critical. This issue affects the function saveinventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. T...
CVE-2023-1953
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/sales/index.php. The manipulation of the argument datestart/dateend leads to sql injection. The attack can be initiated...
Sql injection
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been rated as critical. This issue affects the function saveinventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. T...
CVE-2023-1956 SourceCodester Online Computer and Laptop Store Image path traversal
A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deleteimg of the component Image Handler. The manipulation of the argument path leads to path...