124 matches found
CVE-2026-15537 SourceCodester Online Book Store System login.php sql injection
A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the...
CVE-2026-15532 SourceCodester Online Book Store System User Management cross site scripting
A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...
CVE-2026-15532
A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...
CVE-2025-63939
Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...
EUVD-2025-209441
Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...
CVE-2025-63939
Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...
CVE-2025-63939
Improper input handling in /Grocery/searchproductsitname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitemname POST parameter...
CVE-2018-25203
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...
CVE-2018-25203
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...
CVE-2018-25203 Online Store System CMS 1.0 SQL Injection via clientaccess
Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...
CVE-2018-25203
CVE-2018-25203 affects Online Store System CMS 1.0. The vulnerability is an SQL injection in the email field of index.php when action=clientaccess is supplied, allowing unauthenticated attackers to influence database queries and extract sensitive information via boolean-based blind or time-based ...
PT-2026-28240
Name of the Vulnerable Software and Affected Versions Online Store System CMS version 1.0 Description An SQL injection allows unauthenticated attackers to manipulate database queries. This is achieved by sending POST requests to the 'index.php' endpoint with the action parameter set to...
OpenSolution Quick.Cart 授权问题漏洞
OpenSolution Quick.Cart is an online store system developed by the Polish company OpenSolution. Version 6.7 of OpenSolution Quick.Cart contains an authorization vulnerability. This vulnerability stems from the fact that session identifiers can be set before authentication and remain unchanged...
OpenSolution Quick.Cart 安全漏洞
OpenSolution Quick.Cart is an online store system developed by the Polish company OpenSolution. Version 6.7 of OpenSolution Quick.Cart contains a security vulnerability, which stems from storing user passwords in plaintext. This vulnerability could allow privileged attackers to access user...
CVE-2025-63891
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents including schema and credential hashes via an unauthenticated HTTP GET request to /obs/database/obsdb.sql...
SourceCodester Simple Online Book Store System 安全漏洞
SourceCodester Simple Online Book Store System is a SourceCodester open source simple online bookstore system. A security vulnerability exists in SourceCodester Simple Online Book Store System, which originates from an unauthenticated HTTP GET request to access a database backup file, potentially...
EUVD-2020-20619
Malware in sbrugna...
EUVD-2024-47937
Malicious code in bioql PyPI...
EUVD-2022-35012
Malicious code in bioql PyPI...
EUVD-2024-27937
Malicious code in bioql PyPI...