Vulnerabilities > E Commerce Website Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-03	CVE-2022-27330	Cross-site Scripting vulnerability in E-Commerce Website Project E-Commerce Website 1.0 A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_product of E-Commerce Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Title text field. network low complexity e-commerce-website-project CWE-79	5.4
2021-07-23	CVE-2021-25204	Cross-site Scripting vulnerability in E-Commerce Website Project E-Commerce Website 1.0 Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php. network low complexity e-commerce-website-project CWE-79	5.4
2021-07-23	CVE-2021-25207	Unrestricted Upload of File with Dangerous Type vulnerability in E-Commerce Website Project E-Commerce Website 1.0 Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php. network low complexity e-commerce-website-project CWE-434 critical	9.8
2021-07-22	CVE-2021-25205	SQL Injection vulnerability in E-Commerce Website Project E-Commerce Website 1.0 SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php . network low complexity e-commerce-website-project CWE-89 critical	9.8

Vulnerabilities > E Commerce Website Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"E Commerce Website Project"}]}

Vulnerabilities > E Commerce Website Project