📦 Online Shopping Portal

PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in the forgot-password.php page's email parameter. This allows attackers to execute arbitrary SQL commands on the database....

phpgurukul Online Shopping Portal 2.0 contains an arbitrary file upload vulnerability in the admin product upload functionality. Attackers can upload malicious files like webshells to gain remote code...

Online Shopping Portal v3.1 contains time-based SQL injection vulnerabilities in the email and contactno parameters, allowing attackers to execute arbitrary SQL commands and potentially access sensiti...

This CVE describes a SQL injection vulnerability in PHPGurukul/Campcodes Online Shopping Portal 1.0. Attackers can exploit the 'remark' parameter in /admin/updateorder.php to execute arbitrary SQL com...

This SQL injection vulnerability in PHPGurukul/Campcodes Online Shopping Portal 1.0 allows attackers to manipulate database queries through the Category parameter in /admin/subcategory.php. Attackers ...

CVE-2023-38890 is an unauthenticated SQL injection vulnerability in Online Shopping Portal Project 3.1 that allows attackers to execute arbitrary SQL commands via the login form. This enables unauthor...

This SQL injection vulnerability in Online Shopping Portal 3.1 allows attackers to execute arbitrary SQL commands via the email parameter in the /check_availability.php endpoint. This affects all user...

PHPGurukul Online Shopping Portal 2.0 contains a cross-site scripting vulnerability in the quantity parameter of my-cart.php. This allows attackers to inject malicious scripts that execute in users' b...

PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in product-details.php that allows attackers to manipulate database queries via name, summary, review, quality, price, and ...

PHPGurukul Online Shopping Portal 2.0 contains SQL injection vulnerabilities in the login.php page through the fullname, emailid, and contactno parameters. This allows attackers to execute arbitrary S...

PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in the admin login page's username parameter. This allows attackers to execute arbitrary SQL commands, potentially compromi...

PHPGurukul Online Shopping Portal 2.0 contains a SQL injection vulnerability in the product parameter of search-result.php. This allows attackers to execute arbitrary SQL commands on the database. Any...

PHPGURUKUL Online Shopping Portal 2.1 contains a stored cross-site scripting vulnerability in the quantity parameter when adding products to cart. Attackers can inject malicious scripts that execute i...

This critical SQL injection vulnerability in PHPGurukul Online Shopping Portal 2.1 allows remote attackers to execute arbitrary SQL commands via the product-details.php file. Attackers can potentially...

This vulnerability in PHPGurukul Online Shopping Portal Project version 2.0 allows attackers to perform CSRF attacks that lead to stored XSS. When exploited, it enables execution of arbitrary JavaScri...