Page 9 of 512 results (0.007 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is the function delete_product of the file /classes/Master.php?f=delete_product. The manipulation of the argument id leads to sql injection. • https://github.com/wuyanzu-lab/cve/blob/main/sql.md https://vuldb.com/?ctiid.279961 https://vuldb.com/?id.279961 https://vuldb.com/?submit.420745 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=products/view_product. The manipulation of the argument id leads to sql injection. • https://github.com/r1ckyL/cve/blob/main/sql.md https://vuldb.com/?ctiid.279960 https://vuldb.com/?id.279960 https://vuldb.com/?submit.420744 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument email_address/address/company_name/job_title/jobDescriptionparameter leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.279949 https://vuldb.com/?ctiid.279949 https://vuldb.com/?submit.417589 https://gist.github.com/sechurity/07c5a3a15f21313ee657d05baadbee19 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /control/edit_client.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Advocate%20office%20management%20system%20-%20edit_client.php%20sql%20injection%20vulnerability.md https://vuldb.com/?ctiid.278837 https://vuldb.com/?id.278837 https://vuldb.com/?submit.415695 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/action/add_staff.php. The manipulation leads to cross site scripting. The attack can be launched remotely. • https://hackmd.io/@SeaWind/rySx1IbR0 https://vuldb.com/?ctiid.278827 https://vuldb.com/?id.278827 https://vuldb.com/?submit.413401 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •