Online-shopping-system-advanced Project

Online-shopping-system-advanced

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-3311

Exploit
  • EPSS 0.07%
  • Veröffentlicht 18.06.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 08:16:59

A vulnerability, which was classified as problematic, was found in PuneethReddyHC online-shopping-system-advanced 1.0. This affects an unknown part of the file addsuppliers.php. The manipulation of the argument First name leads to cross site scriptin...

9.8

CVE-2022-42109

  • EPSS 0.84%
  • Veröffentlicht 29.11.2022 04:15:10
  • Zuletzt bearbeitet 25.04.2025 17:15:17

Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php.

7.5

CVE-2021-41648

Exploit
  • EPSS 63.23%
  • Veröffentlicht 01.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:26:34

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input.

9.8

CVE-2021-41649

Exploit
  • EPSS 90.66%
  • Veröffentlicht 01.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:26:34

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.