15492 matches found
CVE-2023-1986
A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function delete_order of the file /classes/master.php?f=delete_order. The manipulation of the argument id leads to SQL injection. It is possible to launch the attack...
CVE-2023-1988
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/?page=maintenance/brand. The manipulation of the argument Brand Name leads to cross site scripting. The attack ma...
CVE-2023-1988
CVE-2023-1988 affects SourceCodester Online Computer and Laptop Store v1.0. The vulnerability is a cross-site scripting (XSS) issue in the /admin/?page=maintenance/brand function where the Brand Name argument is not properly validated/escaped, enabling an attacker to inject arbitrary script. Expl...
CVE-2023-1987
CVE-2023-1987 affects SourceCodester Online Computer and Laptop Store v1.0. The vulnerability resides in the update_order_status functionality (file /classes/Master.php?f=update_order_status) where the id parameter is not properly validated, enabling SQL injection. Exploitation can be performed r...
CVE-2023-1987 SourceCodester Online Computer and Laptop Store update_order_status sql injection
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is the function update_order_status of the file /classes/Master.php?f=update_order_status. The manipulation of the argument id leads to SQL injection. The...
CVE-2023-1986
The CVE-2023-1986 entry documents an SQL injection affecting SourceCodester Online Computer and Laptop Store 1.0, specifically in the function delete_order in /classes/master.php?f=delete_order. The vulnerability arises from lack of validation/sanitization of the id parameter, enabling remote exp...
CVE-2023-1985
SourceCodester Online Computer and Laptop Store 1.0 is affected by CVE-2023-1985, a SQL injection in the function save_brand (/classes/Master.php?f=save_brand) caused by manipulating the name parameter. The issue can be exploited remotely and has publicly disclosed exploit information. Multiple s...
MAL-2023-14 Malicious code in 123rf-ui-core (npm)
Source: ghsa-malware (191305f2b37c6b762d68e248f554e99a207ea15885a1479afd2eaea4b9a6690a). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-507 Malicious code in hsdjhfjsdhfhtest009 (npm)
Source: ghsa-malware (a7cb84bd15b4cb549b8153de1ef4c963f36744a7c8aa61bf6daac15df6a42995). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-711 Malicious code in puik (npm)
Source: ghsa-malware (5b4305941a7c6039839f504cec86804482541da940624e283b54bd14652ed296). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-68 Malicious code in @trein/puik (npm)
Source: ghsa-malware (fa343d289af28cc7ccb1d26a8872057e5656d8f118dfff0242b1f579bfd190d7). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Online Computer and Laptop Store Path Traversal Vulnerability
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. A path traversal vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the fact that the parameter path in the file /classes/Master.php?f=deleteim...
Online Computer and Laptop Store Arbitrary File Upload Vulnerability (CNVD-2023-29392)
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 contains an arbitrary file upload vulnerability, which stems from the lack of effective validation of uploaded files in the file /admin/?page=user, and can...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29384)
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of externally supplied SQL statements in the parameter...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29388)
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of externally supplied SQL statements in the parameter category of...
Online Computer and Laptop Store Cross-Site Scripting Vulnerability (CNVD-2023-29393)
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29383)
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of externally supplied SQL statements in the parameter id of the fi...
Online Computer and Laptop Store SQL Injection Vulnerability
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. An SQL injection vulnerability exists in SourceCodester Online Computer and Laptop Store version 1.0, which stems from an improper manipulation of the parameter name that can lead to SQL...
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29389)
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 is vulnerable to a SQL injection vulnerability that originates in the file /classes/Master.php?f=savesubcategory with the parameter subcategory...
Online Computer and Laptop Store Cross-Site Scripting Vulnerability
Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Computer and Laptop Store v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the Brand...