CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A Remote Code Execution RCE vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei...

7.2CVSS7.6AI score0.03256EPSS

Exploits1

RedhatCVE•added 2025/02/05 2:46 a.m.•6 views

CVE-2024-33957

SQL injection vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in 'id' in '/admin/orders/controller.php' parameter...

9.8CVSS9.5AI score0.00247EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 2:36 a.m.•6 views

CVE-2024-33958

9.8CVSS7.3AI score0.00247EPSS

Exploits0References1

NVD•added 2024/08/06 11:16 a.m.•9 views

CVE-2024-33978

Cross-Site Scripting XSS vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via 'category' parameter in '/index.php'...

7.1CVSS0.00237EPSS

Exploits0References1

OSV•added 2024/08/06 11:16 a.m.•1 views

CVE-2024-33976

Cross-Site Scripting XSS vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via 'id' parameter in '/admin/user/index.php'...

6.1CVSS5.8AI score0.00285EPSS

Exploits0References1

NVD•added 2024/08/06 11:16 a.m.•11 views

CVE-2024-33977

7.1CVSS0.00174EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by