79 matches found
EUVD-2026-31656
A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...
PT-2026-43030
A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...
CVE-2026-5647
A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/adminfeature.php of the component Add Product Page. The manipulation of the argument productname results in cross site scripting. The attack may be launched remotely. The exploit i...
CVE-2026-5647
A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/adminfeature.php of the component Add Product Page. The manipulation of the argument productname results in cross site scripting. The attack may be launched remotely. The exploit i...
CVE-2026-5647 code-projects Online Shoe Store Add Product admin_feature.php cross site scripting
A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/adminfeature.php of the component Add Product Page. The manipulation of the argument productname results in cross site scripting. The attack may be launched remotely. The exploit i...
CVE-2026-5647
A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/adminfeature.php of the component Add Product Page. The manipulation of the argument productname results in cross site scripting. The attack may be launched remotely. The exploit i...
PT-2026-30597
A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/admin feature.php of the component Add Product Page. The manipulation of the argument product name results in cross site scripting. The attack may be launched remotely. The exploit...
moga-mall 代码问题漏洞
moga-mall is a microservices architecture based e-commerce platform by h-moses individual developers. A code issue vulnerability exists in moga-mall 392d631a5ef15962a9bddeeb9f1269b9085473fa and earlier versions, which originates from the file...
CVE-2025-15049
The CVE-2025-15049 entry applies to code-projects Online Farm System 1.0, where the vulnerability is in an unknown function of /addProduct.php. The flaw is a SQL injection triggered by manipulating the Username parameter, with remote initiation and a publicly available exploit. These details are ...
CVE-2025-13424
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
CVE-2025-13424
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
CVE-2025-13424
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
CVE-2025-13424
CVE-2025-13424 affects CampCodes Supplier Management System 1.0. The vulnerability is an SQL injection in the /admin/add_product.php endpoint, caused by unsafely handling the txtProductName parameter. Remote exploitation is possible and exploits have been disclosed publicly. The available documen...
CVE-2025-13424 Campcodes Supplier Management System add_product.php sql injection
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
CVE-2025-13424 Campcodes Supplier Management System add_product.php sql injection
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
PT-2025-47542
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/add product.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
CampCodes Supplier Management System SQL注入漏洞
CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Supplier Management System version 1.0, which stems from an incorrect manipulation of the parameter txtProductName in the file /admin/addproduct.php, which...
CVE-2025-12291
A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...
EUVD-2025-36200
A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...
CVE-2025-12291
A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...