Lucene search
K

15492 matches found

Vulnrichment
Vulnrichment
added 2023/04/08 10:0 a.m.13 views

CVE-2023-1955 SourceCodester Online Computer and Laptop Store User Registration login.php sql injection

A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is an unknown function of the file login.php of the component User Registration. The manipulation of the argument email leads to sql injection. It is possible to launch the attac...

7.5CVSS7.4AI score0.008EPSS
Exploits1References3
CVE
CVE
added 2023/04/08 9:31 a.m.56 views

CVE-2023-1954

The CVE-2023-1954 entry relates to SourceCodester Online Computer and Laptop Store 1.0. A critical flaw in the function save_inventory in /admin/product/manage.php allows manipulation of the id parameter to trigger SQL injection. The vulnerability is remote-accessible, and public exploits have be...

8.8CVSS7.8AI score0.00717EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/04/08 9:31 a.m.112 views

CVE-2023-1953

CVE-2023-1953 affects SourceCodester Online Computer and Laptop Store v1.0. The vulnerable component is the /admin/sales/index.php file, where manipulating the date_start/date_end parameters enables SQL injection. Documents indicate remote attack feasibility and a critical severity. Connected sou...

8.8CVSS7.8AI score0.00717EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/04/08 9:15 a.m.23 views

CVE-2023-1952

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as critical. This affects an unknown part of the file /?p=products of the component Product Search. The manipulation of the argument search leads to sql injection. It is possible to initiate t...

9.8CVSS7.4AI score0.00726EPSS
Exploits1References3
CVE
CVE
added 2023/04/08 8:31 a.m.68 views

CVE-2023-1952

The CVE-2023-1952 entry concerns SourceCodester Online Computer and Laptop Store 1.0 where the Product Search component’s /?p=products endpoint accepts a search parameter that is vulnerable to SQL injection. The vulnerability allows remote exploitation and has publicly disclosed exploit details; ...

9.8CVSS8.3AI score0.00726EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/04/08 8:31 a.m.26 views

CVE-2023-1952 SourceCodester Online Computer and Laptop Store Product Search ?p=products sql injection

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as critical. This affects an unknown part of the file /?p=products of the component Product Search. The manipulation of the argument search leads to sql injection. It is possible to initiate t...

6.5CVSS10AI score0.00726EPSS
Exploits1References3
NVD
NVD
added 2023/04/08 8:15 a.m.12 views

CVE-2023-1951

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this issue is the function deletebrand of the file /admin/maintenance/brand.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely...

9.8CVSS7.3AI score0.00726EPSS
Exploits1References3
CVE
CVE
added 2023/04/08 8:0 a.m.55 views

CVE-2023-1951

CVE-2023-1951 affects SourceCodester Online Computer and Laptop Store 1.0. The SQL injection stems from the delete_brand function in /admin/maintenance/brand.php, via manipulation of the id parameter. The issue can be exploited remotely; exploitation has been disclosed publicly, with VDB-225338 a...

9.8CVSS8.2AI score0.00726EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/04/08 12:0 a.m.5 views

Online Computer and Laptop Store SQL注入漏洞

Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...

9.8CVSS7.8AI score0.00726EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/04/08 12:0 a.m.5 views

Online Computer and Laptop Store SQL注入漏洞

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the fi...

9.8CVSS7.9AI score0.00726EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/04/08 12:0 a.m.6 views

PT-2023-17367 · Unknown · Sourcecodester Online Computer/Laptop Store

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Computer and Laptop Store version 1.0 Description: A critical issue affects the function save inventory of the file /admin/product/manage.php. The manipulation of the argument id leads to sql injection. The attack may be...

8.8CVSS7AI score0.00717EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/04/08 12:0 a.m.3 views

Online Computer and Laptop Store SQL注入漏洞

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of externally entered SQL statements in the parameter...

8.8CVSS7.9AI score0.00717EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/04/08 12:0 a.m.5 views

Online Computer and Laptop Store SQL注入漏洞

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to a SQL injection vulnerability, which stems from the lack of validation of external input SQL statements in the parameter email of...

9.8CVSS8.2AI score0.008EPSS
Exploits1References4
Prion
Prion
added 2023/04/07 6:15 p.m.17 views

Out-of-bounds

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/?page=user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack can...

6.5CVSS9.5AI score0.00893EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/04/07 6:0 p.m.45 views

CVE-2023-1942

CVE-2023-1942 affects SourceCodester Online Computer and Laptop Store 1.0. The Avatar Handler’s /admin/?page=user functionality is vulnerable to unrestricted file uploads, enabling remote exploitation. Documents indicate an attacker can upload arbitrary files to execute code, with the vulnerabili...

9.8CVSS8.1AI score0.00893EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2023/04/07 12:0 a.m.24 views

Online Computer and Laptop Store Arbitrary File Upload Vulnerability

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 is vulnerable to arbitrary file uploads. The vulnerability stems from a lack of validation of uploaded files in the...

9.5AI score0.04353EPSS
Exploits4Affected Software1
CNNVD
CNNVD
added 2023/04/07 12:0 a.m.4 views

Online Computer and Laptop Store 代码问题漏洞

Online Computer and Laptop Store is an online computer and laptop store from Carlo Montero's personal developer. Online Computer and Laptop Store v1.0 contains an arbitrary file upload vulnerability, which stems from the lack of valid validation of uploaded files in file/admin/?page=user, and can...

9.8CVSS7.5AI score0.00893EPSS
Exploits1References4
OSV
OSV
added 2023/04/06 3:53 a.m.6 views

MAL-2023-323 Malicious code in fabric-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 031f95a39929ba0a778100655abe80c8b7455a55f5e2d1dea13b6bd2dbb3bd16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
NVD
NVD
added 2023/04/05 8:15 a.m.13 views

CVE-2023-1857

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/?page=product/manageproduct&id=2. The manipulation of the argument Product Name leads to cross site scripting. Th...

6.1CVSS4.2AI score0.00611EPSS
Exploits1References3
Prion
Prion
added 2023/04/05 8:15 a.m.15 views

Cross site scripting

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/?page=product/manageproduct&id=2. The manipulation of the argument Product Name leads to cross site scripting. Th...

3.3CVSS6AI score0.00611EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder