25 matches found
EUVD-2024-44490
Malicious code in bioql PyPI...
EUVD-2024-51112
Malicious code in bioql PyPI...
CVE-2024-11663
A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The exploit has been disclose...
CVE-2024-12794
A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2024-12792
A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file newadmin.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed...
CVE-2024-12794 Codezips E-Commerce Site editorder.php sql injection
A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2024-12794
CVE-2024-12794 affects Codezips E-Commerce Site 1.0, specifically the /admin/editorder.php file. The vulnerability arises from manipulating the dstatus/quantity/ddate parameter, leading to SQL injection. Evidence across multiple sources confirms remote feasibility and public disclosure, indicatin...
CVE-2024-12792
CVE-2024-12792 affects Codezips E-Commerce Site 1.0. The vulnerability is an SQL injection in the parameter email of the file newadmin.php, enabling remote exploitation. Multiple connected sources corroborate the issue and indicate exploitation has been disclosed publicly. The CVE is characterize...
CVE-2024-12792 Codezips E-Commerce Site newadmin.php sql injection
A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file newadmin.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed...
CVE-2024-12791 Codezips E-Commerce Site signin.php sql injection
A vulnerability was found in Codezips E-Commerce Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file signin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...
PT-2024-17743 · Unknown · Codezips E-Commerce Site
Name of the Vulnerable Software and Affected Versions: Codezips E-Commerce Site version 1.0 Description: A critical issue has been found in the newadmin.php file, affecting an unknown functionality. The manipulation of the email argument leads to SQL injection. This issue can be exploited remotel...
CVE-2024-11663 Codezips E-Commerce Site search.php sql injection
A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The exploit has been disclose...
CVE-2024-11663
Codezips E-Commerce Site 1.0 (search.php) is affected. The root cause is manipulation of the keywords argument, leading to an SQL injection vulnerability. The issue can be exploited remotely and has been publicly disclosed. Affected components: the search.php functionality; the vulnerability impa...
CVE-2024-5049
A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be launched remotely...
CVE-2024-5049 Codezips E-Commerce Site editproduct.php unrestricted upload
A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be launched remotely...