Lucene search
+L

121 matches found

cnnvd
cnnvd
added 2024/08/06 12:0 a.m.6 views

Young Entrepreneur E-Negosyo System 跨站脚本漏洞

Young Entrepreneur E-Negosyo System is a Young Entrepreneur E-Negosyo System by janobe individual developers. A cross-site scripting vulnerability exists in Young Entrepreneur E-Negosyo System version 1.0. An attacker can create a specially crafted URL and send it to a victim to obtain their...

7.1CVSS6.1AI score0.00277EPSS
Exploits0References2
nvd
nvd
added 2023/03/30 9:15 p.m.12 views

CVE-2023-1738

A vulnerability has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php?q=product. The manipulation of the argument search leads to sql injection. The attack can be initiated remotely...

9.8CVSS7.4AI score0.00492EPSS
Exploits0References2
prion
prion
added 2023/03/30 9:15 p.m.19 views

Sql injection

A vulnerability has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php?q=product. The manipulation of the argument search leads to sql injection. The attack can be initiated remotely...

6.5CVSS9.7AI score0.00492EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/03/30 8:31 p.m.20 views

CVE-2023-1738 SourceCodester Young Entrepreneur E-Negosyo System sql injection

A vulnerability has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php?q=product. The manipulation of the argument search leads to sql injection. The attack can be initiated remotely...

6.5CVSS10AI score0.00492EPSS
Exploits0References2
cve
cve
added 2023/03/30 8:31 p.m.62 views

CVE-2023-1738

CVE-2023-1738 affects SourceCodester Young Entrepreneur E-Negosyo System v1.0, specifically the index.php?q=product endpoint. The root cause is improper handling/manipulation of the search parameter, leading to SQL injection. The vulnerability is exploitable remotely and has been classified with ...

9.8CVSS8.3AI score0.00492EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2023/03/30 8:15 p.m.22 views

CVE-2023-1737

A vulnerability, which was classified as critical, was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to initiate the attack remotely. The...

9.8CVSS8.1AI score0.00554EPSS
Exploits0References2
nvd
nvd
added 2023/03/30 8:15 p.m.12 views

CVE-2023-1736

A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this issue is some unknown functionality of the file cart/controller.php?action=add. The manipulation of the argument PROID leads to sql injection. The identifi...

8.8CVSS6.6AI score0.00439EPSS
Exploits0References3
nvd
nvd
added 2023/03/30 8:15 p.m.22 views

CVE-2023-1735

A vulnerability classified as critical was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this vulnerability is an unknown functionality of the file passwordrecover.php. The manipulation of the argument phonenumber leads to sql injection. The attack can be launched...

9.8CVSS7.4AI score0.00492EPSS
Exploits0References2
prion
prion
added 2023/03/30 8:15 p.m.16 views

Sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to initiate the attack remotely. The...

7.5CVSS9.7AI score0.00554EPSS
Exploits0References2Affected Software1
prion
prion
added 2023/03/30 8:15 p.m.19 views

Sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this issue is some unknown functionality of the file cart/controller.php?action=add. The manipulation of the argument PROID leads to sql injection. The identifi...

5.2CVSS8.8AI score0.00439EPSS
Exploits0References3Affected Software1
cve
cve
added 2023/03/30 8:0 p.m.56 views

CVE-2023-1737

CVE-2023-1737 affects SourceCodester Young Entrepreneur E-Negosyo System 1.0, specifically login.php where the U_USERNAME parameter leads to SQL injection. The vulnerability can be triggered remotely over the network; exploitation status is not documented in the provided sources. Mitigation sugge...

9.8CVSS8.8AI score0.00554EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/03/30 8:0 p.m.34 views

CVE-2023-1737 SourceCodester Young Entrepreneur E-Negosyo System login.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to initiate the attack remotely. The...

7.5CVSS10AI score0.00554EPSS
Exploits0References2
cvelist
cvelist
added 2023/03/30 7:31 p.m.20 views

CVE-2023-1736 SourceCodester Young Entrepreneur E-Negosyo System sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this issue is some unknown functionality of the file cart/controller.php?action=add. The manipulation of the argument PROID leads to sql injection. The identifi...

5.5CVSS9.2AI score0.00439EPSS
Exploits0References3
cve
cve
added 2023/03/30 7:31 p.m.48 views

CVE-2023-1736

CVE-2023-1736 affects SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected functionality is in cart/controller.php?action=add, where manipulating the PROID parameter leads to SQL injection. Documented impact is high (per CVSS metrics in the initial entry), with no exploitation details...

8.8CVSS7.3AI score0.00439EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2023/03/30 7:31 p.m.29 views

CVE-2023-1735 SourceCodester Young Entrepreneur E-Negosyo System passwordrecover.php sql injection

A vulnerability classified as critical was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this vulnerability is an unknown functionality of the file passwordrecover.php. The manipulation of the argument phonenumber leads to sql injection. The attack can be launched...

6.5CVSS10AI score0.00492EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2023/03/30 7:31 p.m.7 views

CVE-2023-1735 SourceCodester Young Entrepreneur E-Negosyo System passwordrecover.php sql injection

A vulnerability classified as critical was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this vulnerability is an unknown functionality of the file passwordrecover.php. The manipulation of the argument phonenumber leads to sql injection. The attack can be launched...

6.5CVSS9.9AI score0.00492EPSS
Exploits0References2
cve
cve
added 2023/03/30 7:31 p.m.61 views

CVE-2023-1735

CVE-2023-1735 affects SourceCodester Young Entrepreneur E-Negosyo System 1.0. The vulnerability is in the file passwordrecover.php, where manipulating the URL parameter phonenumber leads to a SQL injection. The issue can be exploited remotely and, per the CVE entry, impacts confidentiality, integ...

9.8CVSS8.3AI score0.00492EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2023/03/30 7:15 p.m.18 views

CVE-2023-1734

A vulnerability classified as critical has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected is an unknown function of the file admin/products/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the...

9.8CVSS7.9AI score0.00623EPSS
Exploits0References2
osv
osv
added 2023/03/30 7:15 p.m.2 views

CVE-2023-1734

A vulnerability classified as critical has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected is an unknown function of the file admin/products/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the...

9.8CVSS6.8AI score0.00623EPSS
Exploits0References2
prion
prion
added 2023/03/30 7:15 p.m.15 views

Design/Logic Flaw

A vulnerability classified as critical has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected is an unknown function of the file admin/products/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the...

7.5CVSS9.5AI score0.00623EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder