Vulnerabilities > Online Jewelry Shop Project

DATE CVE VULNERABILITY TITLE RISK
2023-04-19 CVE-2023-27777 Cross-site Scripting vulnerability in Online Jewelry Shop Project Online Jewelry Shop 1.0
Cross-site scripting (XSS) vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL.
network
low complexity
online-jewelry-shop-project CWE-79
5.4
2023-04-19 CVE-2023-27776 Cross-site Scripting vulnerability in Online Jewelry Shop Project Online Jewelry Shop 1.0
A stored cross-site scripting (XSS) vulnerability in /index.php?page=category_list of Online Jewelry Shop v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter.
network
low complexity
online-jewelry-shop-project CWE-79
5.4