CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30478
https://notcve.org/view.php?id=CVE-2022-30478
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in \search_product.php via the keyword parameters. Ecommerce-project-with-php-and-mysqli-Fruits-Bazar versión 1.0, es vulnerable a una Inyección SQL en el archivo \search_product.php por medio de los parámetros keyword • https://github.com/APTX-4879/CVE https://github.com/APTX-4879/CVE/blob/main/CVE-2022-30478.pdf https://github.com/creativesaiful/Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30482
https://notcve.org/view.php?id=CVE-2022-30482
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- 1.0 is vulnerable to Cross Site Scripting (XSS) in \admin\add_cata.php via the ctg_name parameters. Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- versión 1.0, es vulnerable a un ataque de tipo Cross Site Scripting (XSS) en el archivo \admin\add_cata.php por medio de los parámetros ctg_name • https://github.com/APTX-4879/CVE https://github.com/APTX-4879/CVE/blob/main/CVE-2022-30482.pdf https://github.com/creativesaiful/Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •