11 matches found
CVE-2023-1737
A vulnerability, which was classified as critical, was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2023-1735 SourceCodester Young Entrepreneur E-Negosyo System passwordrecover.php sql injection
A vulnerability classified as critical was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this vulnerability is an unknown functionality of the file passwordrecover.php. The manipulation of the argument phonenumber leads to sql injection. The attack can be launched...
Sourcecodester E-Negosyo System SQL Injection (CVE-2021-41674)
An SQL injection vulnerability exists in Sourcecodester E-Negosyo System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Sourcecodester E-Negosyo System Remote Code Execution Vulnerability
Sourcecodester E-Negosyo System is an open source online ordering system with SMS notifications. sourcecodester E-Negosyo System is vulnerable to remote code execution, which can be exploited by attackers to execute arbitrary code via the "/admin/produts/controller. php" in the doInsert function...
CVE-2021-41675
A Remote Code Execution RCE vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei...
CVE-2021-41675
A Remote Code Execution RCE vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei...
CVE-2021-41674
An SQL Injection vulnerability exists in Sourcecodester E-Negosyo System 1.0 via the useremail parameter in /admin/login.php...
Remote code execution
A Remote Code Execution RCE vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei...
CVE-2021-41675
Summary: CVE-2021-41675 is a Remote Code Execution in Sourcecodester E-Negosyo System 1.0. The flaw exists in the admin/produts/controller.php doInsert function, where image validation is performed via getImageSizei. Public sources across multiple feeds corroborate an RCE condition, but the exact...
CVE-2021-41674
An SQL Injection vulnerability exists in Sourcecodester E-Negosyo System 1.0 via the useremail parameter in /admin/login.php...
Sourcecodester E-Negosyo System 代码问题漏洞
Sourcecodester E-Negosyo System is an open source online ordering system with SMS notifications. sourcecodester E-Negosyo System is vulnerable to remote code execution, which can be exploited by attackers to execute arbitrary code via the "/admin/produts/controller. php" in the doInsert function...