Lucene search
+L

39 matches found

nvd
nvd
added 2026/07/04 5:16 p.m.17 views

CVE-2026-14635

A security flaw has been discovered in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 222ff31c06687b1c6d0e1ab63953f82c3674c52b. This issue affects some unknown processing of the file application/modules/vendor/controllers/AddProduct.php of the component Vendor Multi-Image Endpoint. Performing ...

7.5CVSS0.00437EPSS
Exploits0References7
cve
cve
added 2026/07/04 4:30 p.m.22 views

CVE-2026-14635

The CVE-2026-14635 affects kirilkirkov Ecommerce-CodeIgniter-Bootstrap (vendor’s Vendor Multi-Image Endpoint). The flaw arises from path traversal when manipulating the folder argument in the AddProduct.php handler, enabling remote initiation. Public exploit available; no version specifics are pr...

7.5CVSS6.5AI score0.00437EPSS
Exploits0References7
redhatcve
redhatcve
added 2026/05/26 8:15 p.m.14 views

CVE-2026-9445

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00261EPSS
Exploits0References1
nvd
nvd
added 2026/05/25 10:16 a.m.11 views

CVE-2026-9445

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...

6.5CVSS0.00261EPSS
Exploits0References5
cve
cve
added 2026/05/25 9:15 a.m.27 views

CVE-2026-9445

CVE-2026-9445 affects SourceCodester Simple POS and Inventory System 1.0. The vulnerability is in an unrestricted upload through the /admin/addproduct.php file (File Extension Handler); manipulating the image argument enables remote code upload. Impact and exploitation details indicate remote exp...

6.5CVSS6.2AI score0.00261EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/05/25 9:15 a.m.9 views

CVE-2026-9445 SourceCodester Simple POS and Inventory System File Extension addproduct.php unrestricted upload

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00261EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/25 9:15 a.m.53 views

CVE-2026-9445 SourceCodester Simple POS and Inventory System File Extension addproduct.php unrestricted upload

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...

6.5CVSS0.00261EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/05/25 12:0 a.m.12 views

SourceCodester Simple POS and Inventory System 代码问题漏洞

SourceCodester Simple POS and Inventory System is SourceCodester open source a simple POS and inventory system . SourceCodester Simple POS and Inventory System 1.0 version of the code problem vulnerability , the vulnerability stems from the File Extension Handler component /admin/addproduct.php...

6.5CVSS6.7AI score0.00261EPSS
Exploits0References6
euvd
euvd
added 2025/12/28 9:30 p.m.5 views

EUVD-2025-205527

A vulnerability was identified in h-moses moga-mall up to 392d631a5ef15962a9bddeeb9f1269b9085473fa. This vulnerability affects the function addProduct of the file src/main/java/com/ms/product/controller/PmsProductController.java. Such manipulation of the argument objectName leads to unrestricted...

6.5CVSS6.1AI score0.00202EPSS
Exploits0References5
nvd
nvd
added 2025/12/28 8:15 p.m.10 views

CVE-2025-15152

A vulnerability was identified in h-moses moga-mall up to 392d631a5ef15962a9bddeeb9f1269b9085473fa. This vulnerability affects the function addProduct of the file src/main/java/com/ms/product/controller/PmsProductController.java. Such manipulation of the argument objectName leads to unrestricted...

6.5CVSS0.00202EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2025/12/28 8:2 p.m.3 views

CVE-2025-15152 h-moses moga-mall PmsProductController.java addProduct unrestricted upload

A vulnerability was identified in h-moses moga-mall up to 392d631a5ef15962a9bddeeb9f1269b9085473fa. This vulnerability affects the function addProduct of the file src/main/java/com/ms/product/controller/PmsProductController.java. Such manipulation of the argument objectName leads to unrestricted...

6.5CVSS6.2AI score0.00202EPSS
Exploits0References4
cvelist
cvelist
added 2025/12/28 8:2 p.m.25 views

CVE-2025-15152 h-moses moga-mall PmsProductController.java addProduct unrestricted upload

A vulnerability was identified in h-moses moga-mall up to 392d631a5ef15962a9bddeeb9f1269b9085473fa. This vulnerability affects the function addProduct of the file src/main/java/com/ms/product/controller/PmsProductController.java. Such manipulation of the argument objectName leads to unrestricted...

6.5CVSS0.00202EPSS
Exploits0References4
cve
cve
added 2025/12/28 8:2 p.m.14 views

CVE-2025-15152

CVE-2025-15152 affects the h-moses moga-mall product service, specifically the addProduct function in src/main/java/com/ms/product/controller/PmsProductController.java. The root cause is manipulation of the objectName argument, enabling unrestricted (unbounded) uploads. The issue is exploitable r...

6.5CVSS6.2AI score0.00202EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2025/12/28 12:0 a.m.7 views

PT-2025-53667

Name of the Vulnerable Software and Affected Versions h-moses moga-mall versions prior to 392d631a5ef15962a9bddeeb9f1269b9085473fa Description A vulnerability exists in h-moses moga-mall. The issue affects the addProduct function within the file...

6.5CVSS6.5AI score0.00202EPSS
Exploits0References9
osv
osv
added 2025/12/23 11:15 p.m.6 views

CVE-2025-15049

A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

9.8CVSS5.8AI score0.0033EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/12/23 11:2 p.m.3 views

CVE-2025-15049 code-projects Online Farm System addProduct.php sql injection

A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

7.5CVSS6.8AI score0.0033EPSS
Exploits1References5
redhatcve
redhatcve
added 2025/10/29 7:32 a.m.5 views

CVE-2025-12378

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

9.8CVSS7.3AI score0.00479EPSS
Exploits1References1
osv
osv
added 2025/10/28 6:15 a.m.5 views

CVE-2025-12378

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

9.8CVSS5.6AI score0.00479EPSS
Exploits1References5
cvelist
cvelist
added 2025/10/28 5:32 a.m.16 views

CVE-2025-12378 code-projects Simple Food Ordering System addproduct.php unrestricted upload

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

7.5CVSS0.00479EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/10/28 5:32 a.m.2 views

CVE-2025-12378 code-projects Simple Food Ordering System addproduct.php unrestricted upload

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

7.5CVSS6.6AI score0.00479EPSS
Exploits1References5
Rows per page
Query Builder