Skip to main content

Online Clothing Store

3 CVEs product

Monthly

CVE-2020-28140 CRITICAL POC Act Now

SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Online Clothing Store
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-28139 MEDIUM POC This Month

SourceCodester Online Clothing Store 1.0 is affected by a cross-site scripting (XSS) vulnerability via a Offer Detail field in offer.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Online Clothing Store
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-28138 CRITICAL POC Act Now

SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Clothing Store
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.0%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Online Clothing Store
NVD Exploit-DB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

SourceCodester Online Clothing Store 1.0 is affected by a cross-site scripting (XSS) vulnerability via a Offer Detail field in offer.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Online Clothing Store
NVD Exploit-DB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Clothing Store
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy