CVE-2024-9905 – SourceCodester Online Eyewear Shop sql injection
https://notcve.org/view.php?id=CVE-2024-9905
A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://gist.github.com/higordiego/8679961c9d732e4068aaa37fd8d01439 https://vuldb.com/?ctiid.280181 https://vuldb.com/?id.280181 https://vuldb.com/?submit.422606 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9809 – SourceCodester Online Eyewear Shop Master.php delete_product sql injection
https://notcve.org/view.php?id=CVE-2024-9809
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is the function delete_product of the file /classes/Master.php?f=delete_product. The manipulation of the argument id leads to sql injection. • https://github.com/wuyanzu-lab/cve/blob/main/sql.md https://vuldb.com/?ctiid.279961 https://vuldb.com/?id.279961 https://vuldb.com/?submit.420745 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9808 – SourceCodester Online Eyewear Shop sql injection
https://notcve.org/view.php?id=CVE-2024-9808
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=products/view_product. The manipulation of the argument id leads to sql injection. • https://github.com/r1ckyL/cve/blob/main/sql.md https://vuldb.com/?ctiid.279960 https://vuldb.com/?id.279960 https://vuldb.com/?submit.420744 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9317 – SourceCodester Online Eyewear Shop Master.php delete_category sql injection
https://notcve.org/view.php?id=CVE-2024-9317
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. • https://github.com/o0wll/cve/blob/main/sql.md https://vuldb.com/?ctiid.278821 https://vuldb.com/?id.278821 https://vuldb.com/?submit.412748 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9082 – SourceCodester Online Eyewear Shop User Creation Users.phpf=save improper authorization
https://notcve.org/view.php?id=CVE-2024-9082
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Users.phpf=save of the component User Creation Handler. The manipulation of the argument type with the input 1 leads to improper authorization. The attack may be launched remotely. • https://github.com/41lai/cve/blob/main/add.md https://vuldb.com/?ctiid.278252 https://vuldb.com/?id.278252 https://vuldb.com/?submit.411565 https://www.sourcecodester.com • CWE-285: Improper Authorization •