CVE-2025-11476

A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument loginusername leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

EUVD-2025-33168

A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument loginusername leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-11480

A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument registerusername results in sql injection. The attack is possible to be carried out remotely. The exploit ...

CVE-2023-1503

A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...

CVE-2023-1503

A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...

CVE-2023-1502

A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/editcustomer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP5 AND...

CVE-2023-1504 SourceCodester Alphaware Simple E-Commerce System sql injection

A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND SELECT 6077 FROM SELECTSLEEP5dltn AND 'PhRa'='PhRa leads to sql...

CVE-2023-1503

CVE-2023-1503 affects SourceCodester Alphaware Simple E-Commerce System 1.0. A SQL injection vulnerability exists in the admin/admin_index.php file, triggered by manipulating the username/password inputs (example payload: admin' AND (SELECT 8062 FROM (SELECT(SLEEP(5)))meUD)-- hLiX). The issue all...

CVE-2023-26905

An issue was discovered in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id...

CVE-2023-0998

A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possib...

CVE-2023-0998 SourceCodester Alphaware Simple E-Commerce System Payment summary.php access control

A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possib...

Alphaware Simple E-Commerce System 访问控制错误漏洞

Alphaware Simple E-Commerce System is an e-commerce system by razormist individual developers. An Access Control Error vulnerability exists in SourceCodester Alphaware Simple E-Commerce System version 1.0, which stems from incorrect manipulation of the parameter amount resulting in incorrect acce...

CVE-2022-2682

CVE-2022-2682 affects SourceCodester Alphaware Simple E-Commerce System, specifically the stockin.php/stock.php component. The vulnerability is a cross-site scripting (XSS) flaw triggered by manipulating the id argument (e.g., '">) to inject script code. It can be exploited remotely; the explo...

CVE-2022-2678

CVE-2022-2678 affects SourceCodester Alphaware Simple E-Commerce System. The vulnerable component is the Background Management Page’s admin_feature.php, where an unrestricted upload vulnerability (remote) can be triggered. Public exploit is noted; VDB-205666 is the vulnerability ID. Impact is des...