VYPR

SUP Online Shopping

by Sourcecodester

CVEs (3)

  • CVE-2026-8131HigMay 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2026-8129HigMay 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can lead to sql injection. The attack may be performed from remote. The exploit has…

  • CVE-2026-9377LowMay 24, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName leads to cross site scripting. It is possible to initiate the attack remotely.…