Lucene search
K

97 matches found

OSV
OSV
added 2022/05/23 9:16 p.m.4 views

CVE-2022-30015

In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/allusers.php like Full Username, etc .This causes stored xss...

5.4CVSS5.8AI score0.00509EPSS
Exploits1References2
Prion
Prion
added 2022/05/23 9:16 p.m.12 views

Cross site scripting

In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/allusers.php like Full Username, etc .This causes stored xss...

3.5CVSS5.3AI score0.00509EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/23 8:50 p.m.69 views

CVE-2022-30015

In CVE-2022-30015, a stored XSS exists in Simple Food Website 1.0. The vulnerability arises when a moderator submits payloads in any input field on http://127.0.0.1:1234/food/admin/all_users.php (e.g., Full Username), leading to stored cross-site scripting. Affected software/component: Simple Foo...

5.4CVSS5.3AI score0.00509EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/23 8:50 p.m.17 views

CVE-2022-30015

In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/allusers.php like Full Username, etc .This causes stored xss...

5.6AI score0.00509EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/23 4:16 p.m.3 views

CVE-2022-30014

Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery CSRF which allows anyone to takeover admin/moderater account...

8.8CVSS5.9AI score0.00516EPSS
Exploits1References4
OSV
OSV
added 2022/05/23 4:16 p.m.3 views

CVE-2022-30014

Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery CSRF which allows anyone to takeover admin/moderater account...

8.8CVSS7.3AI score0.00516EPSS
Exploits1References3
NVD
NVD
added 2022/05/23 4:16 p.m.14 views

CVE-2022-30014

Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery CSRF which allows anyone to takeover admin/moderater account...

8.8CVSS0.00516EPSS
Exploits1References1
CVE
CVE
added 2022/05/23 3:42 p.m.59 views

CVE-2022-30014

CVE-2022-30014 affects Lumidek Associates Simple Food Website 1.0. The vulnerability is a Cross Site Request Forgery (CSRF) that can allow an attacker to take over the administrator/moderator account because the web application does not adequately validate requests from a trusted user. Root cause...

8.8CVSS8.8AI score0.00516EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/23 3:42 p.m.20 views

CVE-2022-30014

Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery CSRF which allows anyone to takeover admin/moderater account...

9AI score0.00516EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/05/23 12:0 a.m.3 views

Lumidek Associates Simple Food Website 跨站脚本漏洞

Lumidek Associates Simple Food Website is Simple Food Website CMS. A cross-site scripting vulnerability exists in Lumidek Associates Simple Food Website 1.0, which stems from a lack of filtering and escaping of field data in food/admin/allusers.php. The vulnerability can be exploited to conduct a...

5.4CVSS5.3AI score0.00509EPSS
Exploits1References5
CNVD
CNVD
added 2021/09/16 12:0 a.m.14 views

SourceCodester Simple Food Website SQL Injection Vulnerability

SourceCodester Simple Food Website is a CMS by SourceCodester, Inc. developed using PHP and MySQL database. sourcecodester Basic Shopping Cart is vulnerable to SQL injection, which can be exploited by attackers to bypass authentication Become an administrator...

9.8CVSS3.3AI score0.02916EPSS
Exploits1References1
OSV
OSV
added 2021/07/30 2:15 p.m.4 views

CVE-2021-34166

A SQL INJECTION vulnerability in Sourcecodester Simple Food Website 1.0 allows a remote attacker to Bypass Authentication and become Admin...

9.8CVSS7.4AI score0.02916EPSS
Exploits1References1
NVD
NVD
added 2021/07/30 2:15 p.m.11 views

CVE-2021-34166

A SQL INJECTION vulnerability in Sourcecodester Simple Food Website 1.0 allows a remote attacker to Bypass Authentication and become Admin...

9.8CVSS0.02916EPSS
Exploits1References1
Prion
Prion
added 2021/07/30 2:15 p.m.13 views

Sql injection

A SQL INJECTION vulnerability in Sourcecodester Simple Food Website 1.0 allows a remote attacker to Bypass Authentication and become Admin...

7.5CVSS9.5AI score0.02916EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/07/30 12:0 a.m.6 views

SourceCodester Simple Food Website SQL注入漏洞

SourceCodester Simple Food Website is a CMS by SourceCodester, Inc. developed using PHP and MySQL database. sourcecodester Basic Shopping Cart is vulnerable to SQL injection, which can be exploited by attackers to bypass authentication Become an administrator...

9.8CVSS5.8AI score0.02916EPSS
Exploits1References1
CVE
CVE
added 2021/07/28 3:4 p.m.54 views

CVE-2021-34166

CVE-2021-34166 concerns Sourcecodester Simple Food Website 1.0, where a SQL injection vulnerability in the application enables a remote attacker to bypass authentication and gain admin privileges. The NVD entry documents a high/critical impact profile (CVSS v3.1: 9.8, sequence NETWORK/LOW complex...

9.8CVSS9.5AI score0.02916EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/28 3:4 p.m.18 views

CVE-2021-34166

A SQL INJECTION vulnerability in Sourcecodester Simple Food Website 1.0 allows a remote attacker to Bypass Authentication and become Admin...

9.8AI score0.02916EPSS
Exploits1References1
Rows per page
Query Builder