Online Pet Shop We App
by Oretnom23
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-1042 | 0.00 | — | 0.01 | Feb 26, 2023 | A vulnerability has been found in SourceCodester Online Pet Shop We App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /pet_shop/admin/orders/update_status.php. The manipulation of the argument oid with the input… | |||
| CVE-2022-39977 | 0.00 | — | 0.01 | Oct 27, 2022 | Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point. | |||
| CVE-2022-41378 | 0.00 | — | 0.01 | Oct 7, 2022 | Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=inventory/manage_inventory. | |||
| CVE-2022-40933 | 0.00 | — | 0.01 | Sep 22, 2022 | Online Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_order,id. | |||
| CVE-2021-35458 | 0.00 | — | 0.02 | Jul 27, 2021 | Online Pet Shop We App 1.0 is vulnerable to Union SQL Injection in products.php (aka p=products) via the c or s parameter. | |||
| CVE-2021-35456 | 0.00 | — | 0.02 | Jun 28, 2021 | Online Pet Shop We App 1.0 is vulnerable to remote SQL injection and shell upload |
- CVE-2023-1042Feb 26, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Online Pet Shop We App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /pet_shop/admin/orders/update_status.php. The manipulation of the argument oid with the input…
- CVE-2022-39977Oct 27, 2022risk 0.00cvss —epss 0.01
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point.
- CVE-2022-41378Oct 7, 2022risk 0.00cvss —epss 0.01
Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=inventory/manage_inventory.
- CVE-2022-40933Sep 22, 2022risk 0.00cvss —epss 0.01
Online Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_order,id.
- CVE-2021-35458Jul 27, 2021risk 0.00cvss —epss 0.02
Online Pet Shop We App 1.0 is vulnerable to Union SQL Injection in products.php (aka p=products) via the c or s parameter.
- CVE-2021-35456Jun 28, 2021risk 0.00cvss —epss 0.02
Online Pet Shop We App 1.0 is vulnerable to remote SQL injection and shell upload