Vulnerabilities > Online Market Place Site Project > Online Market Place Site > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-26	CVE-2022-30004	SQL Injection vulnerability in Online Market Place Site Project Online Market Place Site 1.0 Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection.. network low complexity online-market-place-site-project CWE-89 critical	9.8
2022-09-26	CVE-2022-30003	Cross-site Scripting vulnerability in Online Market Place Site Project Online Market Place Site 1.0 Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields. network low complexity online-market-place-site-project CWE-79	5.4
2022-06-02	CVE-2022-29627	Authorization Bypass Through User-Controlled Key vulnerability in Online Market Place Site Project Online Market Place Site 1.0 An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers. network low complexity online-market-place-site-project CWE-639	4.0
2022-06-02	CVE-2022-29628	Cross-site Scripting vulnerability in Online Market Place Site Project Online Market Place Site 1.0 A cross-site scripting (XSS) vulnerability in /omps/seller of Online Market Place Site v1.0 allows attackers to execute arbitrary web cripts or HTML via a crafted payload injected into the Page parameter. network online-market-place-site-project CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.