Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Online Eyewear Shop Project Subscribe
Filtered by product Online Eyewear Shop
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-0966 1 Online Eyewear Shop Project 1 Online Eyewear Shop 2023-02-27 N/A 8.8 HIGH
A vulnerability classified as problematic was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=orders/view_order. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221635.
CVE-2023-0732 1 Online Eyewear Shop Project 1 Online Eyewear Shop 2023-02-15 N/A 6.1 MEDIUM
A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is the function registration of the file oews/classes/Users.php of the component POST Request Handler. The manipulation of the argument firstname/middlename/lastname/email/contact leads to cross site scripting. The attack can be launched remotely. The identifier VDB-220369 was assigned to this vulnerability.
CVE-2023-0686 1 Online Eyewear Shop Project 1 Online Eyewear Shop 2023-02-14 N/A 9.8 CRITICAL
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function update_cart of the file /oews/classes/Master.php?f=update_cart of the component HTTP POST Request Handler. The manipulation of the argument cart_id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-220245 was assigned to this vulnerability.
CVE-2023-0673 1 Online Eyewear Shop Project 1 Online Eyewear Shop 2023-02-11 N/A 9.8 CRITICAL
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/?p=products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-220195.