Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
online store system project online store system 1.0 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-8290
Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected.
Online Store System Project Online Store System 1.0
5.3
CVSSv3
CVE-2019-8292
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.
Online Store System Project Online Store System 1.0
5.4
CVSSv3
CVE-2019-8288
Vulnerability in Online Store v1.0, Stored XSS in user_view.php where adidas_member_user variable is not sanitized.
Online Store System Project Online Store System 1.0
7.5
CVSSv3
CVE-2019-8291
Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.
Online Store System Project Online Store System 1.0
5.4
CVSSv3
CVE-2019-8289
Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php adidas_member_email variable
Online Store System Project Online Store System 1.0
9.8
CVSSv3
CVE-2022-30423
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.
Merchandise Online Store Project Merchandise Online Store 1.0
7.2
CVSSv3
CVE-2022-30799
Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php.
Online Ordering System Project Online Ordering System 1.0
9.8
CVSSv3
CVE-2021-28294
Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE).
Online Ordering System Project Online Ordering System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started