CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9809 – SourceCodester Online Eyewear Shop Master.php delete_product sql injection
https://notcve.org/view.php?id=CVE-2024-9809
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is the function delete_product of the file /classes/Master.php?f=delete_product. The manipulation of the argument id leads to sql injection. • https://github.com/wuyanzu-lab/cve/blob/main/sql.md https://vuldb.com/?ctiid.279961 https://vuldb.com/?id.279961 https://vuldb.com/?submit.420745 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9808 – SourceCodester Online Eyewear Shop sql injection
https://notcve.org/view.php?id=CVE-2024-9808
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=products/view_product. The manipulation of the argument id leads to sql injection. • https://github.com/r1ckyL/cve/blob/main/sql.md https://vuldb.com/?ctiid.279960 https://vuldb.com/?id.279960 https://vuldb.com/?submit.420744 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9799 – SourceCodester Profile Registration without Reload Refresh add.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-9799
A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument email_address/address/company_name/job_title/jobDescriptionparameter leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.279949 https://vuldb.com/?ctiid.279949 https://vuldb.com/?submit.417589 https://gist.github.com/sechurity/07c5a3a15f21313ee657d05baadbee19 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9328 – SourceCodester Advocate Office Management System edit_client.php sql injection
https://notcve.org/view.php?id=CVE-2024-9328
A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /control/edit_client.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Advocate%20office%20management%20system%20-%20edit_client.php%20sql%20injection%20vulnerability.md https://vuldb.com/?ctiid.278837 https://vuldb.com/?id.278837 https://vuldb.com/?submit.415695 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9323 – SourceCodester Inventory Management System add_staff.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-9323
A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/action/add_staff.php. The manipulation leads to cross site scripting. The attack can be launched remotely. • https://hackmd.io/@SeaWind/rySx1IbR0 https://vuldb.com/?ctiid.278827 https://vuldb.com/?id.278827 https://vuldb.com/?submit.413401 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •