Vulnerabilities (CVE)

Filtered by vendor Phone Shop Sales Management System Project Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36624 1 Phone Shop Sales Management System Project 1 Phone Shop Sales Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
CVE-2021-36623 1 Phone Shop Sales Management System Project 1 Phone Shop Sales Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Arbitrary File Upload in Sourcecodester Phone Shop Sales Management System 1.0 enables RCE.
CVE-2021-36560 1 Phone Shop Sales Management System Project 1 Phone Shop Sales Management System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Phone Shop Sales Managements System using PHP with Source Code 1.0 is vulnerable to authentication bypass which leads to account takeover of the admin.
CVE-2021-35337 1 Phone Shop Sales Management System Project 1 Phone Shop Sales Management System 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object Reference (IDOR). Any attacker will be able to see the invoices of different users by changing the id parameter.