Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Online-shopping-system-advanced Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-42109 1 Online-shopping-system-advanced Project 1 Online-shopping-system-advanced 2022-11-29 N/A 9.8 CRITICAL
Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php.
CVE-2021-41648 1 Online-shopping-system-advanced Project 1 Online-shopping-system-advanced 2021-11-26 5.0 MEDIUM 7.5 HIGH
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input.
CVE-2021-41649 1 Online-shopping-system-advanced Project 1 Online-shopping-system-advanced 2021-11-05 7.5 HIGH 9.8 CRITICAL
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.