Vulnerabilities (CVE)

Filtered by vendor Simple Subscription Website Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-26283 1 Simple Subscription Website Project 1 Simple Subscription Website 2024-02-28 7.5 HIGH 9.8 CRITICAL
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the view_plan endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.
CVE-2021-43140 1 Simple Subscription Website Project 1 Simple Subscription Website 2024-02-28 7.5 HIGH 9.8 CRITICAL
SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login.
CVE-2021-43141 1 Simple Subscription Website Project 1 Simple Subscription Website 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in plan_application.