Online Market Place Site Project CVE

Filtered by vendor Online Market Place Site Project Subscribe

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-30004	1 Online Market Place Site Project	1 Online Market Place Site	2025-05-21	N/A	9.8 CRITICAL
Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection..
CVE-2022-30003	1 Online Market Place Site Project	1 Online Market Place Site	2025-05-21	N/A	5.4 MEDIUM
Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields.
CVE-2022-29628	1 Online Market Place Site Project	1 Online Market Place Site	2024-11-21	3.5 LOW	5.4 MEDIUM
A cross-site scripting (XSS) vulnerability in /omps/seller of Online Market Place Site v1.0 allows attackers to execute arbitrary web cripts or HTML via a crafted payload injected into the Page parameter.
CVE-2022-29627	1 Online Market Place Site Project	1 Online Market Place Site	2024-11-21	4.0 MEDIUM	4.3 MEDIUM
An insecure direct object reference (IDOR) in Online Market Place Site v1.0 allows attackers to modify products that are owned by other sellers.

Vulnerabilities (CVE)