Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e-commerce vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-1569
A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument U_NAME with the input <script>alert(...
E-commerce System Project E-commerce System 1.0
NA
CVE-2007-5801
Unspecified vulnerability in WORK system e-commerce prior to 4.0.2 has unknown impact and attack vectors related to "Ajax pages."
Work System E-commerce Work System E-commerce
5.4
CVSSv3
CVE-2021-25204
Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote malicious users to inject arbitrary web script or HTM via the subject field to feedback_process.php.
E-commerce Website Project E-commerce Website 1.0
9.8
CVSSv3
CVE-2021-25205
SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote malicious users to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .
E-commerce Website Project E-commerce Website 1.0
8.1
CVSSv3
CVE-2023-1505
A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND (SELECT 8973 ...
E-commerce System Project E-commerce System 1.0
8.1
CVSSv3
CVE-2023-1506
A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument U_USERNAME leads to sql injection. It is possible to launch the attack remotely. The compl...
E-commerce System Project E-commerce System 1.0
6.1
CVSSv3
CVE-2023-1507
A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ecommerce/admin/category/controller.php of the component Category Name Handler. The manipulation of the ar...
E-commerce System Project E-commerce System 1.0
8.8
CVSSv3
CVE-2022-2678
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System. It has been declared as critical. This vulnerability affects unknown code of the file admin_feature.php of the component Background Management Page. The manipulation leads to unrestricted upload. The ...
Alphaware E-commerce System Project Alphaware E-commerce System -
NA
CVE-2008-1839
Multgiple cross-site scripting (XSS) vulnerabilities in module/main.php in WORK system e-commerce 4.0.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) day, (2) month, and (3) year parameters. NOTE: the provenance of this information is unknown; th...
Work System E-commerce Work System E-commerce 4.0.9
NA
CVE-2007-4121
Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Multi-Vendor E-Shop Script, and Auction Script allow remote malicious users to execute arbitrary SQL commands via the (1) EmailAdd (Username) and (2) Pass (password) parameters. NOTE:...
E-commerce Solutions Auction Script
E-commerce Solutions Shopping Cart Script
E-commerce Solutions Multi-vendor E-shop Script
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »