VYPR

Online Shopping Alphaware

by Sourcecodester

CVEs (2)

  • CVE-2020-25362Jun 2, 2021
    risk 0.00cvss epss 0.02

    The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases.

  • CVE-2020-24208Aug 17, 2020
    risk 0.00cvss epss 0.03

    A SQL injection vulnerability in SourceCodester Online Shopping Alphaware 1.0 allows remote unauthenticated attackers to bypass the authentication process via email and password parameters.