8 matches found
CVE-2025-13424
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
CVE-2025-13424 Campcodes Supplier Management System add_product.php sql injection
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
PT-2025-47542
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/add product.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...
CVE-2025-12291
A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...
CVE-2025-12291 ashymuzuro Full-Ecommece-Website/Muzuro Ecommerce System Add Product index.php unrestricted upload
A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...
CVE-2025-12291
Summary (CVE-2025-12291) ashymuzuro’s Full-Ecommece-Website and Muzuro Ecommerce System (up to 1.1.0) contain an unrestricted upload flaw in the Add Product Page at /admin/index.php?add_product. The root cause is an input/validation issue that allows remote attackers to upload arbitrary files, en...
E-Commerce Website 跨站脚本漏洞
A cross-site scripting vulnerability exists in E-Commerce Website version 1.0, which originates from a cross-site scripting XSS vulnerability in /public/admin/index.php?addproduct that allows an attacker to inject a specially crafted payload into the product title text field by injecting speciall...
CVE-2022-27435
An unrestricted file upload at /public/admin/index.php?addproduct of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component...