4 matches found
CVE-2022-26170
Affected software: Simple Mobile Comparison Website v1.0. The vulnerability is a SQL injection in the search parameter, stemming from unsanitized input in the search functionality. Documented impact per CVSS: Confidentiality, Integrity, and Availability all at high/partial levels (C/H, I/H, A/H f...
CVE-2023-1792
CVE-2023-1792 affects SourceCodester Simple Mobile Comparison Website 1.0. The vulnerability resides in the GET Parameter Handler, specifically the file /admin/fields/manage_field.php, where manipulating the id argument leads to SQL injection. The issue can be exploited remotely and has been disc...
CVE-2023-1908
CVE-2023-1908 affects SourceCodester Simple Mobile Comparison Website 1.0. the vulnerability is in the GET Parameter Handler for the file /admin/categories/view_category.php, where manipulating the argument id leads to SQL injection. This vulnerability can be exploited remotely and has publicly d...
CVE-2023-2397
CVE-2023-2397 affects SourceCodester Simple Mobile Comparison Website 1.0. The vulnerability is an XSS issue in the endpoint classes/Master.php?f=save_field where the Field Name parameter can be manipulated to trigger cross-site scripting, potentially exploitable remotely. Public disclosure is no...