2 matches found
CVE-2024-5049
CVE-2024-5049 affects Codezips E-Commerce Site 1.0. The vulnerability is in admin/editproduct.php where manipulating the profilepic parameter leads to unrestricted file upload, enabling remote abuse. The issue is tied to unknown functionality in the editproduct.php handling of profilepic, enablin...
CVE-2024-4923
Codezips E-Commerce Site 1.0 contains a vulnerability in admin/addproduct.php where manipulation of the profilepic parameter enables unrestricted file upload. This can be exploited remotely, and public exploit information exists. Impact per available data includes high confidentiality, integrity,...