3 matches found
CVE-2024-8089
CVE-2024-8089 affects SourceCodester E-Commerce System v1.0. The vulnerability resides in the unknown function of the file /ecommerce/admin/products/controller.php, where manipulating the photo parameter leads to an unrestricted upload. This enables a remote attacker to upload arbitrary files, wi...
CVE-2024-8086
SourceCodester E-Commerce System 1.0 Admin Login page (/ecommerce/admin/login.php) is affected by SQL injection via the user_email parameter. The vulnerability enables remote exploitation; multiple sources confirm the issue and public disclosure. Concrete remediation/version details are not provi...
CVE-2024-8087
CVE-2024-8087 concerns SourceCodester E-Commerce System 1.0. The issue is an SQL injection in the /ecommerce/popup_Item.php page caused by manipulation of the id argument. A remote attacker could potentially exploit this vulnerability, and public disclosure of exploits is indicated. Affected comp...