Sourcecodester Shopping Website vulnerabilities

5 known vulnerabilities affecting sourcecodester/shopping_website.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3

Vulnerabilities

Page 1 of 1
CVE-2023-3534HIGHCVSS 7.5v1.02023-07-07
CVE-2023-3534 [MEDIUM] CWE-89 CVE-2023-3534: A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical. Affected is an unknown function of the file check_availability.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-233286 is
cvelistv5nvd
CVE-2023-3503HIGHCVSS 8.8v1.02023-07-04
CVE-2023-3503 [MEDIUM] CWE-434 CVE-2023-3503: A vulnerability has been found in SourceCodester Shopping Website 1.0 and classified as critical. Af A vulnerability has been found in SourceCodester Shopping Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated ide
cvelistv5nvd
CVE-2023-3502HIGHCVSS 7.5v1.02023-07-04
CVE-2023-3502 [MEDIUM] CWE-89 CVE-2023-3502: A vulnerability, which was classified as critical, was found in SourceCodester Shopping Website 1.0. A vulnerability, which was classified as critical, was found in SourceCodester Shopping Website 1.0. Affected is an unknown function of the file search-result.php. The manipulation of the argument product leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-232950 is the
cvelistv5nvd
CVE-2023-3458CRITICALCVSS 9.8v1.02023-06-29
CVE-2023-3458 [MEDIUM] CWE-89 CVE-2023-3458: A vulnerability was found in SourceCodester Shopping Website 1.0. It has been declared as critical. A vulnerability was found in SourceCodester Shopping Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file forgot-password.php. The manipulation of the argument contact leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
cvelistv5nvd
CVE-2023-3457CRITICALCVSS 9.8v1.02023-06-29
CVE-2023-3457 [MEDIUM] CWE-89 CVE-2023-3457: A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-232674 is the ident
cvelistv5nvd