Page 3 of 19 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. • https://github.com/41lai/cve/blob/main/sql.md https://vuldb.com/?ctiid.278251 https://vuldb.com/?id.278251 https://vuldb.com/?submit.411564 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2

A vulnerability classified as critical has been found in SourceCodester Online Eyewear Shop 1.0. This affects an unknown part of the file /classes/Master.php of the component Cart Content Handler. The manipulation of the argument cart_id/id leads to improper ownership management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/fa-rrel/CVE-2024-8949-POC https://github.com/gurudattch/CVEs/edit/main/Sourcecodester-Online-Eyewear-shop-webiste-Broken-access-control.md https://vuldb.com/?ctiid.277767 https://vuldb.com/?id.277767 https://vuldb.com/?submit.409459 https://www.sourcecodester.com • CWE-282: Improper Ownership Management •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file manage_product.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Hefei-Coffee/cve/blob/main/sql10.md https://vuldb.com/?ctiid.268138 https://vuldb.com/?id.268138 https://vuldb.com/?submit.354912 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects an unknown part of the file /admin/orders/update_status.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/T4y1oR/bug_report/blob/main/SQLi-1.md https://vuldb.com/?ctiid.227229 https://vuldb.com/?id.227229 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file /admin/inventory/manage_stock.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Gear-D/bug_report/blob/main/SQLi-1.md https://vuldb.com/?ctiid.225406 https://vuldb.com/?id.225406 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •