Phone Shop Sales Management System Project: >> Phone Shop Sales Management System >> 1.0 Security Vulnerabilities
Phone Shop Sales Managements System using PHP with Source Code 1.0 is vulnerable to authentication bypass which leads to account takeover of the admin.
CVSS Score
9.8
EPSS Score
0.001
Published
2021-11-02
Arbitrary File Upload in Sourcecodester Phone Shop Sales Management System 1.0 enables RCE.
CVSS Score
9.8
EPSS Score
0.004
Published
2021-08-03
Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
CVSS Score
9.8
EPSS Score
0.001
Published
2021-07-30
Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object Reference (IDOR). Any attacker will be able to see the invoices of different users by changing the id parameter.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-07-01