CVE-2026-2848
A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Registration. This manipulation of the argument Username causes SQL injection. The attack may be...
CVE-2025-12334
A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...
CVE-2025-11558
A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in SQL injection. The attack is possible to be carried out remotely. The exploit has been made public a...
CVE-2025-11509
A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/productadd.php. Performing manipulation of the argument prodname results in SQL injection. The attack may be initiated remotely. The exploit is now public and may be used...
EUVD-2021-32035
Malicious code in bioql PyPI...
CVE-2023-1301
A vulnerability, which was classified as critical, has been found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Affected by this issue is some unknown functionality of the file deleteorder.php of the component GET Parameter Handler. The manipulation of the argument id...
CVE-2018-17840
SQL injection exists in Scriptzee Education Website 1.0 via the collegelist.html subject, city, or country parameter...
CVE-2024-4074
A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file prodInfo.php. The manipulation of the argument prodId leads to cross site scripting. The attack may be launche...
CVE-2024-2267
CVE-2024-2267 affects the keerti1924 Online-Book-Store-Website, version 1.0. The issue is a logic error in the processing of the file /shop.php, caused by manipulating the argument product_price which leads to business logic errors. A remote attacker could exploit this, and public disclosures exi...
CVE-2023-7105
A vulnerability was found in code-projects E-Commerce Website 1.0. It has been classified as critical. Affected is an unknown function of the file indexsearch.php. The manipulation of the argument search leads to SQL injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2023-7108
A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...
SQL injection
A vulnerability was found in code-projects E-Commerce Website 1.0. It has been classified as critical. Affected is an unknown function of the file indexsearch.php. The manipulation of the argument search leads to SQL injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2023-50867
Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the signupAction.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-7108 code-projects E-Commerce Website user_signup.php cross site scripting
A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2023-7107
CVE-2023-7107 affects code-projects E-Commerce Website 1.0, exploiting SQL injection in the file user_signup.php. The vulnerability targets the parameters firstname, middlename, email, address, contact, and username, enabling remote manipulation of SQL queries. Impact is described with high conce...
CVE-2023-7106
CVE-2023-7106 involves a SQL injection in the code-projects E-Commerce Website 1.0. The vulnerability stems from unsafely handling the prod_id parameter in the file product_details.php, enabling attacker-controlled input to influence SQL queries. Reports indicate the flaw can be exploited remotel...
PT-2023-32806 · Sourcecodester · Sourcecodester Simple Image Stack Website
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Image Stack Website version 1.0 Description: A problem was found in the processing of the search argument, which can be manipulated with a specific input, leading to cross-site scripting. The attack can be initiated...
PT-2023-31482 · Unknown · Sakshi2610 Food Ordering Website
Name of the Vulnerable Software and Affected Versions: Sakshi2610 Food Ordering Website version 1.0 Description: A critical issue affects the processing of the file categoryfood.php. The manipulation of the id argument leads to SQL injection. This issue can be exploited remotely. Recommendations:...
CVE-2023-3534
SourceCodester Shopping Website 1.0 contains a SQL injection in the check_availability.php file, triggered by manipulating the email parameter. This vulnerability allows remote exploitation and has publicly disclosed exploits. Affected component: the function in check_availability.php; root cause...
Out-of-bounds
A vulnerability has been found in SourceCodester Shopping Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been...