4 matches found
CVE-2023-1558
CVE-2023-1558 affects Simple and Beautiful Shopping Cart System 1.0. The vulnerability is in the uploadera.php component and enables unrestricted file upload, with remote initiation possible. Multiple connected sources confirm the issue and describe it as a critical vulnerability exploiting an up...
CVE-2023-1739
The CVE-2023-1739 issue affects SourceCodester Simple and Beautiful Shopping Cart System 1.0, specifically the file upload.php handler. The root cause is improper handling of uploads, enabling unrestricted remote file uploads. This could allow an attacker to upload arbitrary files, potentially le...
CVE-2023-1941
SourceCodester Simple and Beautiful Shopping Cart System 1.0 has a SQL injection flaw in login.php caused by improper handling of the username/password parameters. This can be exploited remotely and may lead to disclosure/injection affecting confidentiality, integrity, and availability. The CVE n...
CVE-2023-1940
CVE-2023-1940 affects SourceCodester Simple and Beautiful Shopping Cart System 1.0. The vulnerability is a SQL injection in the file delete_user_query.php triggered by manipulating the parameter user_id . It can be exploited remotely and the exploit has been publicly disclosed. Affected component...