online-shopping-system-advanced
online-shopping-system-advanced copied to clipboard
PuneethReddyHC
Demo site
### Vulnerability file address `admin/add_product.php` from line 18,It only restricts the type of the file, and does not restrict the file suffix, and the file type can be bypassed only...
### Vulnerability file address `admin/index.php` There is no authentication check on the cookie or session or header header, resulting in unauthorized access ```php .......... .......... ..........
### Vulnerability file address `register.php` from line 4,The $address2 parameter is controllable, the parameter address2 can be passed through post, and the $address2 is not protected from sql injection, resulting...
### Vulnerability file address `product.php` from line 60,The $product_id parameter is controllable, the parameter p can be passed through get, and the $product_id is not protected from sql injection, resulting...
### Vulnerability file address `admin/manage_users.php` from line 4,The $user_id parameter is controllable, the parameter user_id can be passed through post, and the $user_id is not protected from sql injection, resulting...
### Vulnerability file address `admin/clothes_list.php` from line 5,The $product_id parameter is controllable, the parameter product_id can be passed through get, and the $product_id is not protected from sql injection, resulting...
### Vulnerability file address `admin/cosmetics_list.php` from line 5,The $product_id parameter is controllable, the parameter product_id can be passed through get, and the $product_id is not protected from sql injection, resulting...
### Vulnerability file address `admin/add_user.php` from line 7,The $first_name parameter is controllable, the parameter first_name can be passed through post, and the $first_name is not protected from sql injection, resulting...
### Vulnerability file address `admin/orders.php` from line 5,The $order_id parameter is controllable, the parameter order_id can be passed through get, and the $order_id is not protected from sql injection, resulting...