CVE-2026-4572

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...

SourceCodester Sales and Inventory System SQL注入漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from improper handling of the searchtxt...

CVE-2023-2659

A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file viewproduct.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit ha...

CVE-2024-2154

A vulnerability has been found in SourceCodester Online Mobile Management Store 1.0 and classified as critical. This vulnerability affects unknown code of the file viewproduct.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has be...

CVE-2024-2154 SourceCodester Online Mobile Management Store view_product.php sql injection

A vulnerability has been found in SourceCodester Online Mobile Management Store 1.0 and classified as critical. This vulnerability affects unknown code of the file viewproduct.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has be...

CVE-2023-2212 Campcodes Coffee Shop POS System view_product.php sql injection

A vulnerability was found in Campcodes Coffee Shop POS System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/products/viewproduct.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit...

PromoProducts 'view_product.php' Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30725/info PromoProducts is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...

CubeCart 2.0.x tellafriend.php product Variable Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These issues...

CubeCart 2.0.x view_product.php product Variable Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These issues...

cubecart 2.0.7 - Multiple Vulnerabilities

cubecart 2.0.7 - Multiple Vulnerabilities Exploit Title: CubeCart 2.0.7 XSS && Remote SQL Injection = Multiple Vulnerabilities Date: June, 14th 2011 GMT +7 Author: Shamus Software Link: http://www.cubecart.com/ Version : CubeCart 2.0.7 Tested on: windows 7, ubuntu 11.04 CVE : -...

HB Ecommerce SQL Injection

------------- HB ECOMMERCE SQL Injection Vulnerability --------------- ------------------------------------------------------------------------ ------------------------------------------------------------------------ + Exploit Title: HB ECOMMERCE SQL Injection Vulnerability + Google Dork:...

CVE-2008-6209

SQL injection vulnerability in viewproduct.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the catid parameter...

Sql injection

SQL injection vulnerability in viewproduct.php in Vastal I-Tech Software Zone allows remote attackers to execute arbitrary SQL commands via the catid parameter...

PromoProducts - view_product.php Multiple SQL Injections

PromoProducts - viewproduct.php Multiple SQL Injections source: https://www.securityfocus.com/bid/30725/info PromoProducts is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...

CubeCart <= 2.0.6 Multiple SQL Injections

The installed version of CubeCart on the remote host suffers from multiple SQL injection vulnerabilities due to its failure to sanitize user input via the 'PHPSESSID' parameter of the 'index.php' script, the 'product' parameter of the 'tellafriend.php' script, the 'add' parameter of the...

CubeCart 2.0.x - view_product.php?product Full Path Disclosure

CubeCart 2.0.x - viewproduct.php?product Full Path Disclosure source: https://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in...

CubeCart 2.0.x - &#039;index.php&#039; Multiple Full Path Disclosures

source: https://www.securityfocus.com/bid/13050/info CubeCart is reported prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These issues affect the 'index.php',...