CVEDB API

Vulnerabilities

Vulnerable Software

E-Commerce Website Project: Security Vulnerabilities

CVE-2022-27330

A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_product of E-Commerce Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Title text field.

CVSS Score

5.4

EPSS Score

0.001

Published

2022-05-03

CVE-2021-25204

Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.

CVSS Score

5.4

EPSS Score

0.001

Published

2021-07-23

CVE-2021-25207

Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.

CVSS Score

9.8

EPSS Score

0.01

Published

2021-07-23

CVE-2021-25205

SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .

CVSS Score

9.8

EPSS Score

0.005

Published

2021-07-22

Page 1

Vulnerabilities

Vulnerable Software

E-Commerce Website Project: Security Vulnerabilities

Products

Pricing

Contact Us