18 matches found
EUVD-2022-34923
Malicious code in bioql PyPI...
CVE-2023-1502
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/editcustomer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP5 AND...
CVE-2022-2682
A vulnerability, which was classified as problematic, has been found in SourceCodester Alphaware Simple E-Commerce System. Affected by this issue is some unknown functionality of the file stockin.php. The manipulation of the argument id with the input '" leads to cross site scripting. The attack...
CVE-2020-24208
A SQL injection vulnerability in SourceCodester Online Shopping Alphaware 1.0 allows remote unauthenticated attackers to bypass the authentication process via email and password parameters...
CVE-2023-1504
A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND SELECT 6077 FROM SELECTSLEEP5dltn AND 'PhRa'='PhRa leads to sql...
CVE-2023-1503
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...
CVE-2023-1502
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/editcustomer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP5 AND...
Sql injection
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...
Sql injection
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/editcustomer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP5 AND...
CVE-2023-1504 SourceCodester Alphaware Simple E-Commerce System sql injection
A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND SELECT 6077 FROM SELECTSLEEP5dltn AND 'PhRa'='PhRa leads to sql...
CVE-2023-1503 SourceCodester Alphaware Simple E-Commerce System admin_index.php sql injection
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/adminindex.php. The manipulation of the argument username/password with the input admin' AND SELECT 8062 FROM SELECTSLEEP5meUD-- hLiX lead...
CVE-2023-1502 SourceCodester Alphaware Simple E-Commerce System edit_customer.php sql injection
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/editcustomer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP5 AND...
Improper access control
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possib...
CVE-2023-0998 SourceCodester Alphaware Simple E-Commerce System Payment summary.php access control
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access controls. It is possib...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester Alphaware Simple E-Commerce System. Affected by this issue is some unknown functionality of the file stockin.php. The manipulation of the argument id with the input '"alert/xss/ leads to cross site scripting. T...
Out-of-bounds
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System. It has been declared as critical. This vulnerability affects unknown code of the file adminfeature.php of the component Background Management Page. The manipulation leads to unrestricted upload. The attack can be...
PT-2022-18080 · Sourcecodester · Sourcecodester Alphaware Simple E-Commerce System
Name of the Vulnerable Software and Affected Versions: SourceCodester Alphaware Simple E-Commerce System affected versions not specified Description: A critical issue was discovered, affecting the Background Management Page component, specifically the admin feature.php file, allowing for...
CVE-2020-24208
A SQL injection vulnerability in SourceCodester Online Shopping Alphaware 1.0 allows remote unauthenticated attackers to bypass the authentication process via email and password parameters...