Lucene search
K

875 matches found

Nuclei
Nuclei
added 14 hours ago68 views

PuneethReddyHC action.php SQL Injection

An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping through the /action.php prId parameter. Using a post request does not sanitize the user input. id: CVE-2021-41648 info: name: PuneethReddyHC action.php SQL Injection author: daffainfo severity: high descriptio...

9.8CVSS7AI score0.5177EPSS
Exploits6References5
Nuclei
Nuclei
added 14 hours ago68 views

PuneethReddyHC Online Shopping System homeaction.php SQL Injection

An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping System through the /homeaction.php catid parameter. Using a post request does not sanitize the user input. id: CVE-2021-41649 info: name: PuneethReddyHC Online Shopping System homeaction.php SQL Injection...

9.8CVSS7.1AI score0.5177EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.9 views

CVE-2026-8131

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS5.4AI score0.00318EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.10 views

CVE-2026-8129

A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly...

7.5CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.13 views

CVE-2026-9377

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/24 11:0 a.m.10 views

CVE-2026-9377 SourceCodester SUP Online Shopping productedit.php cross site scripting

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/24 11:0 a.m.15 views

EUVD-2026-31589

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/24 11:0 a.m.22 views

CVE-2026-9377 SourceCodester SUP Online Shopping productedit.php cross site scripting

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...

4.8CVSS0.00202EPSS
Exploits0References5
CVE
CVE
added 2026/05/24 11:0 a.m.22 views

CVE-2026-9377

SourceCodester SUP Online Shopping 1.0 contains a cross-site scripting (XSS) vulnerability in the admin/productedit.php file. The vulnerability is triggered by manipulating the productName argument, enabling remote attack. The description indicates an exploitable issue with the productedit.php fu...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.10 views

SourceCodester SUP Online Shopping 代码注入漏洞

SourceCodester SUP Online Shopping is an open-source online shopping system developed by SourceCodester. Version 1.0 of SourceCodester SUP Online Shopping contains a code injection vulnerability. This vulnerability arises from improper handling of the productName parameter in the file...

4.8CVSS5.7AI score0.00202EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2026/05/19 12:46 p.m.16 views

Facebook scam promises cheap Aldi meat boxes, steals payment info instead

Sometimes you spot posts on social media that make you wonder if any moderation takes place at all. Which is concerning, because two- thirds of all online shopping scams now start on Facebook and Instagram. Online shopping scams are alarmingly common and have become one of the most frequently...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/09 2:21 a.m.9 views

CVE-2026-8128

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5CVSS5.6AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/08 6:32 a.m.14 views

EUVD-2026-28520

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/08 6:32 a.m.10 views

EUVD-2026-28519

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

7.5CVSS7AI score0.00254EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/08 6:32 a.m.13 views

EUVD-2026-28518

A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References6
NVD
NVD
added 2026/05/08 4:16 a.m.15 views

CVE-2026-8129

A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly...

7.5CVSS0.00254EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 4:16 a.m.19 views

CVE-2026-8130

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

7.5CVSS0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/08 3:30 a.m.9 views

EUVD-2026-28489

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/08 3:0 a.m.33 views

CVE-2026-8131 SourceCodester SUP Online Shopping replymsg.php sql injection

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS0.00318EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:0 a.m.13 views

CVE-2026-8131

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder