3 matches found
CVE-2024-10336
CVE-2024-10336 affects SourceCodeHero Clothes Recommendation System 1.0. The vulnerability is a SQL injection in the Admin Login Page, specifically via the t1 parameter in the file /admin/index.php. Root cause: improper handling of user input leading to injection of SQL statements. Impact, as sta...
CVE-2024-10338
CVE-2024-10338 affects SourceCodeHero Clothes Recommendation System 1.0. The vulnerability resides in /admin/home.php, where manipulating the argument view/view1 enables SQL injection. The issue is exploitable remotely and, per sources, the exploit has been disclosed publicly. No remediation deta...
CVE-2024-10337
SourceCodeHero Clothes Recommendation System 1.0 contains a SQL injection vulnerability in the /admin/home.php?con=add endpoint. The vulnerability arises from manipulating the cat/subcat/t1/t2/text arguments, and the issue can be exploited remotely. Several connected sources corroborate the affec...