VYPR

Online Store System CMS

by Online Store System CMS

CVEs (5)

  • CVE-2018-25203HigMar 26, 2026
    risk 0.53cvss 8.2epss 0.00

    Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using…

  • CVE-2019-8290MedOct 1, 2019
    risk 0.40cvss 6.1epss 0.01

    Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected.

  • CVE-2022-37796MedSep 12, 2022
    risk 0.35cvss 5.4epss 0.00

    In Simple Online Book Store System 1.0 in /admin_book.php the Title, Author, and Description parameters are vulnerable to Cross Site Scripting(XSS).

  • CVE-2019-8289MedOct 1, 2019
    risk 0.35cvss 5.4epss 0.01

    Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php adidas_member_email variable

  • CVE-2019-8288MedOct 1, 2019
    risk 0.35cvss 5.4epss 0.01

    Vulnerability in Online Store v1.0, Stored XSS in user_view.php where adidas_member_user variable is not sanitized.