VYPR

E-Commerce Website

by Sourcecodester

CVEs (4)

  • CVE-2021-25207CriJul 23, 2021
    risk 0.64cvss 9.8epss 0.02

    Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.

  • CVE-2021-25205CriJul 22, 2021
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .

  • CVE-2024-8217HigAug 27, 2024
    risk 0.48cvss 7.3epss 0.01

    A vulnerability has been found in SourceCodester E-Commerce Website 1.0 and classified as critical. This vulnerability affects unknown code of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely.…

  • CVE-2021-25204MedJul 23, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.