CVE-2023-1503

A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...

CVE-2023-1503

CVE-2023-1503 affects SourceCodester Alphaware Simple E-Commerce System 1.0. A SQL injection vulnerability exists in the admin/admin_index.php file, triggered by manipulating the username/password inputs (example payload: admin' AND (SELECT 8062 FROM (SELECT(SLEEP(5)))meUD)-- hLiX). The issue all...

CVE-2023-26905

An issue was discovered in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id...

CVE-2023-0998 SourceCodester Alphaware Simple E-Commerce System Payment summary.php access control

A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possib...

CVE-2022-2682

CVE-2022-2682 affects SourceCodester Alphaware Simple E-Commerce System, specifically the stockin.php/stock.php component. The vulnerability is a cross-site scripting (XSS) flaw triggered by manipulating the id argument (e.g., '">) to inject script code. It can be exploited remotely; the explo...