Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e-commerce vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1505
A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND (SELECT 8973 ...
E-commerce System Project E-commerce System 1.0
NA
CVE-2023-1506
A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument U_USERNAME leads to sql injection. It is possible to launch the attack remotely. The compl...
E-commerce System Project E-commerce System 1.0
3.5
CVSSv2
CVE-2021-25204
Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote malicious users to inject arbitrary web script or HTM via the subject field to feedback_process.php.
E-commerce Website Project E-commerce Website 1.0
7.5
CVSSv2
CVE-2021-25205
SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote malicious users to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .
E-commerce Website Project E-commerce Website 1.0
7.5
CVSSv2
CVE-2021-25207
Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows malicious users to execute arbitrary code via the file upload to prodViewUpdate.php.
E-commerce Website Project E-commerce Website 1.0
NA
CVE-2022-2678
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System. It has been declared as critical. This vulnerability affects unknown code of the file admin_feature.php of the component Background Management Page. The manipulation leads to unrestricted upload. The ...
Alphaware E-commerce System Project Alphaware E-commerce System -
4.3
CVSSv2
CVE-2008-1839
Multgiple cross-site scripting (XSS) vulnerabilities in module/main.php in WORK system e-commerce 4.0.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) day, (2) month, and (3) year parameters. NOTE: the provenance of this information is unknown; th...
Work System E-commerce Work System E-commerce 4.0.9
10
CVSSv2
CVE-2007-4121
Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Multi-Vendor E-Shop Script, and Auction Script allow remote malicious users to execute arbitrary SQL commands via the (1) EmailAdd (Username) and (2) Pass (password) parameters. NOTE:...
E-commerce Solutions Auction Script
E-commerce Solutions Multi-vendor E-shop Script
E-commerce Solutions Shopping Cart Script
7.5
CVSSv2
CVE-2017-17610
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
E-commerce Mlm Software Project E-commerce Mlm Software 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2017-17629
Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter.
Secure E-commerce Script Project Secure E-commerce Script 2.0.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »