Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
online store system project online store system 1.0 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2019-8288
Vulnerability in Online Store v1.0, Stored XSS in user_view.php where adidas_member_user variable is not sanitized.
Online Store System Project Online Store System 1.0
312
VMScore
CVE-2019-8289
Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php adidas_member_email variable
Online Store System Project Online Store System 1.0
383
VMScore
CVE-2019-8290
Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected.
Online Store System Project Online Store System 1.0
570
VMScore
CVE-2019-8291
Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.
Online Store System Project Online Store System 1.0
445
VMScore
CVE-2019-8292
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.
Online Store System Project Online Store System 1.0
668
VMScore
CVE-2022-30423
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.
Merchandise Online Store Project Merchandise Online Store 1.0
578
VMScore
CVE-2022-30799
Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php.
Online Ordering System Project Online Ordering System 1.0
668
VMScore
CVE-2021-28294
Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE).
Online Ordering System Project Online Ordering System 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started