Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e-commerce website project e-commerce website 1.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-27330
A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_product of E-Commerce Website v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Title text field.
E-commerce Website Project E-commerce Website 1.0
5.4
CVSSv3
CVE-2021-25204
Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote malicious users to inject arbitrary web script or HTM via the subject field to feedback_process.php.
E-commerce Website Project E-commerce Website 1.0
9.8
CVSSv3
CVE-2021-25205
SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote malicious users to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .
E-commerce Website Project E-commerce Website 1.0
9.8
CVSSv3
CVE-2021-25207
Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows malicious users to execute arbitrary code via the file upload to prodViewUpdate.php.
E-commerce Website Project E-commerce Website 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started