19 matches found
EUVD-2022-34927
Malicious code in bioql PyPI...
CVE-2024-8089
A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack...
CVE-2023-1505
A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND SELECT 8973 FROM...
CVE-2024-8089
A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack...
CVE-2024-8089 SourceCodester E-Commerce System controller.php unrestricted upload
A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack...
CVE-2024-8089
CVE-2024-8089 affects SourceCodester E-Commerce System v1.0. The vulnerability resides in the unknown function of the file /ecommerce/admin/products/controller.php, where manipulating the photo parameter leads to an unrestricted upload. This enables a remote attacker to upload arbitrary files, wi...
CVE-2024-8087 SourceCodester E-Commerce System popup_Item.php sql injection
A vulnerability was found in SourceCodester E-Commerce System 1.0 and classified as critical. This issue affects some unknown processing of the file /ecommerce/popupItem.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-8086
SourceCodester E-Commerce System 1.0 Admin Login page (/ecommerce/admin/login.php) is affected by SQL injection via the user_email parameter. The vulnerability enables remote exploitation; multiple sources confirm the issue and public disclosure. Concrete remediation/version details are not provi...
CVE-2024-8086 SourceCodester E-Commerce System Admin Login login.php sql injection
A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ecommerce/admin/login.php of the component Admin Login. The manipulation of the argument useremail leads to sql injection. The attack can be...
CVE-2024-8086 SourceCodester E-Commerce System Admin Login login.php sql injection
A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ecommerce/admin/login.php of the component Admin Login. The manipulation of the argument useremail leads to sql injection. The attack can be...
SourceCodester E-Commerce System security vulnerability
SourceCodester E-Commerce System is an e-commerce system from SourceCodester Inc. A security vulnerability exists in the SourceCodester E-Commerce System version 1.0, which originates from an SQL injection vulnerability in the id parameter of the /ecommerce/popupItem.php page...
CVE-2023-1569
A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument UNAME with the input alert'1' leads to cross site scripting...
CVE-2023-1569 SourceCodester E-Commerce System cross site scripting
A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument UNAME with the input alert'1' leads to cross site scripting...
CVE-2023-1557 SourceCodester E-Commerce System Username access control
A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /ecommerce/admin/user/controller.php?action=edit of the component Username Handler. The manipulation of the argument USERID leads to...
CVE-2023-1506
A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to launch the attack remotely. The complexity of an attack...
Sql injection
A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to launch the attack remotely. The complexity of an attack...
Cross site scripting
A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ecommerce/admin/category/controller.php of the component Category Name Handler. The manipulation of the argument CATEGORY...
CVE-2023-1506
CVE-2023-1506 affects SourceCodester E-Commerce System 1.0. The vulnerability is in an unknown function of login.php where manipulation of the U_USERNAME parameter leads to SQL injection. It is exploitable remotely with high impact on confidentiality, integrity, and availability; exploit complexi...
CVE-2023-1505 SourceCodester E-Commerce System setDiscount.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND SELECT 8973 FROM...