📦 Simple Online Bidding System

This CVE describes a critical SQL injection vulnerability in SourceCodester Simple Online Bidding System 1.0, allowing remote attackers to manipulate database queries via the username parameter in the...

This vulnerability allows remote attackers to perform file inclusion attacks on SourceCodester Simple Online Bidding System 1.0 by manipulating the 'page' parameter in /simple-online-bidding-system/bi...

CVE-2024-7799 is an improper authorization vulnerability in SourceCodester Simple Online Bidding System 1.0 that allows unauthorized access to admin functionality. Attackers can remotely exploit the /...

This critical SQL injection vulnerability in Simple Online Bidding System 1.0 allows attackers to execute arbitrary SQL commands via the id parameter in the /admin/ajax.php?action=delete_user endpoint...

This CSRF vulnerability in SourceCodester Simple Online Bidding System 1.0 allows attackers to trick authenticated administrators into performing unauthorized product management actions. Attackers can...

This is a critical SQL injection vulnerability in SourceCodester Simple Online Bidding System 1.0 that allows attackers to manipulate database queries through the 'id' parameter in the admin interface...

This critical SQL injection vulnerability in SourceCodester Simple Online Bidding System 1.0 allows attackers to manipulate database queries through the 'id' parameter in the view_prod page. Remote at...

This is a critical SQL injection vulnerability in SourceCodester Simple Online Bidding System 1.0 that allows attackers to execute arbitrary SQL commands via the 'id' parameter in the admin/ajax.php e...