4 matches found
CVE-2022-39978
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point...
CVE-2022-41377
Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /petshop/admin/?page=maintenance/managecategory...
CVE-2022-40934
Online Pet Shop We App v1.0 is vulnerable to SQL injection via /petshop/classes/Master.php?f=deletesubcategory,id...
Online Pet Shop We App SQL注入漏洞
Online Pet Shop We App is an online pet store web application by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Online Pet Shop We App v1.0, which originates from /petshop/classes/Master.php?f=deletecategory page id parameter is susceptible to SQL injection...