Online Shopping Alphaware Project Online Shopping Alphaware vulnerabilities
2 known vulnerabilities affecting online_shopping_alphaware_project/online_shopping_alphaware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2020-24208P2CRITICALCVSS 9.8v1.02020-08-17
CVE-2020-24208 [CRITICAL] CWE-89 CVE-2020-24208: A SQL injection vulnerability in SourceCodester Online Shopping Alphaware 1.0 allows remote unauthen
A SQL injection vulnerability in SourceCodester Online Shopping Alphaware 1.0 allows remote unauthenticated attackers to bypass the authentication process via email and password parameters.
nvd
CVE-2020-25362P3HIGHCVSS 7.5v1.02021-06-02
CVE-2020-25362 [HIGH] CWE-89 CVE-2020-25362: The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-B
The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases.
nvd