CVE-2023-1503

A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...

Sql injection

A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/editcustomer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP5 AND...

CVE-2023-1505 SourceCodester E-Commerce System setDiscount.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND SELECT 8973 FROM...

CVE-2023-1503 SourceCodester Alphaware Simple E-Commerce System admin_index.php sql injection

A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...

Sql injection

A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com' AND SELECT 9110 FR...

CVE-2023-1293 SourceCodester Online Graduate Tracer System admin_cs.php mysqli_query sql injection

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. This issue affects the function mysqliquery of the file admincs.php. The manipulation leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high...

CVE-2015-10088 ayttm proxy.c http_connect format string

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function httpconnect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...

K26555255: Multiple Java vulnerabilities CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830

Security Advisory Description CVE-2020-2781 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated...

K16496491: Multiple Java vulnerabilities

Security Advisory Description CVE-2020-2754 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated...

Information disclosure

A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...

PT-2023-10343 · Unknown · Doomsider Shadow

Name of the Vulnerable Software and Affected Versions: doomsider shadow affected versions not specified Description: A vulnerability was found in doomsider shadow, classified as problematic, affecting an unknown function. The manipulation leads to denial of service, requiring a local attack. The...

Design/Logic Flaw

A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

CVE-2023-0887

CVE-2023-0887 affects phjounin TFTPD64-SE 4.64, exploiting the tftpd64_svc.exe component via an unquoted search path. The issue is exploitable only locally, with attack complexity reported as high and required privileges low; user interaction is none, and the impact is described as high for confi...

Information disclosure

A vulnerability was found in CodenameOne 7.0.70. It has been classified as problematic. Affected is an unknown function. The manipulation leads to use of implicit intent for sensitive communication. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

CVE-2023-0686

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

Sql injection

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

CVE-2023-0686 SourceCodester Online Eyewear Shop HTTP POST Request update_cart sql injection

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

CVE-2017-20175 DaSchTour matomo-mediawiki-extension Username Piwik.hooks.php cross site scripting

A vulnerability classified as problematic has been found in DaSchTour matomo-mediawiki-extension up to 2.4.2 on MediaWiki. This affects an unknown part of the file Piwik.hooks.php of the component Username Handler. The manipulation leads to cross site scripting. It is possible to initiate the...

Design/Logic Flaw

A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password...

Oracle OpenJDK Vulnerability (CVE-2023-21843)

Oracle OpenJDK is prone to a vulnerability in the sound component. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:openjdk...