Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Online store system'
2019-10-01
CVE-2019-8292
CWE-306
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.
CVE-2019-8291
CWE-22
Online Store System v1.0 delete_file.php doesn't check to see if a user has administrative rights nor does it check for path traversal.
CVE-2019-8290
CWE-79
Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sent_register.php allowing special characters to be included and an XSS payload to be injected.
CVE-2019-8289
CWE-79
Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php adidas_member_email variable
CVE-2019-8288
CWE-79
Vulnerability in Online Store v1.0, Stored XSS in user_view.php where adidas_member_user variable is not sanitized.
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Online store system' 
Polish
English