RSS   Vulnerabilities for
'Online-shopping-system-advanced'
   RSS

2021-10-01
 
CVE-2021-41648

CWE-89
 

 
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input.

 
 
CVE-2021-41649

CWE-89
 

 
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.

 


Copyright 2024, cxsecurity.com

 

Back to Top