Vulnerabilities > E Negosyo System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-29 | CVE-2021-41674 | SQL Injection vulnerability in E-Negosyo System Project E-Negosyo System 1.0 An SQL Injection vulnerability exists in Sourcecodester E-Negosyo System 1.0 via the user_email parameter in /admin/login.php. | 7.5 |
| 2021-10-29 | CVE-2021-41675 | Unrestricted Upload of File with Dangerous Type vulnerability in E-Negosyo System Project E-Negosyo System 1.0 A Remote Code Execution (RCE) vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei. | 6.5 |