8 matches found
CVE-2023-1736
A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this issue is some unknown functionality of the file cart/controller.php?action=add. The manipulation of the argument PROID leads to sql injection. The identifi...
CVE-2023-1735
A vulnerability classified as critical was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this vulnerability is an unknown functionality of the file passwordrecover.php. The manipulation of the argument phonenumber leads to sql injection. The attack can be launched...
CVE-2023-1734
A vulnerability classified as critical has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected is an unknown function of the file admin/products/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the...
CVE-2023-1485
CVE-2023-1485 is an XSS vulnerability in SourceCodester Young Entrepreneur E-Negosyo System 1.0, arising from the GET parameter handler in /bsenordering/index.php where manipulating category with enables a remote XSS attack. Affected: SourceCodester Young Entrepreneur E-Negosyo System 1.0, file ...
Young Entrepreneur E-Negosyo System 1.0 Cross Site Scripting
Exploit Title: Young Entrepreneur E-Negosyo System 1.0 - 'PRODESC' Stored Cross-Site Scripting XSS Date: 2021-10-03 Exploit Author: Jordan Glover Vendor Homepage: https://www.sourcecodester.com/php/12684/young-entrepreneur-e-negosyo-system.html Software Link:...
E-Negosyo System 1.0 SQL Injection Vulnerability
Exploit Title: E-Negosyo System 1.0 - Time-Based Blind SQLi - admin/login.php Exploit Author: Janik Wehrli Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsenordering0.zip Version: 1.0 Category:...
E-Negosyo System 1.0 - SQL Injection
E-Negosyo System 1.0 - SQL Injection Exploit Title: E-Negosyo System 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...
E-Negosyo System 1.0 SQL Injection
Exploit Title: E-Negosyo System 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/bsenordering9-23-18.zip Version: 1.0 Category:...