Vulnerabilities > Online Clothing Store Project > Online Clothing Store > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-17 | CVE-2020-28138 | SQL Injection vulnerability in Online Clothing Store Project Online Clothing Store 1.0 SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php. | 9.8 |
| 2020-11-17 | CVE-2020-28140 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Clothing Store Project Online Clothing Store 1.0 SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php. | 9.8 |