GCVE - cpe:2.3:a:janobe:e-commerce_system:1.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:janobe:e-commerce_system:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Janobe (`958e97e2-37fb-58eb-baa2-792f3e424acf`)
Product	E Commerce System (`6e43f3fe-0df3-53a1-a360-1b0ba1b618e6`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-8089`	vulnerable	2026-06-03 14:58:08.305546	SourceCodester E-Commerce System controller.php unrestricted upload MEDIUM (6.3) A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2024-08-22T23:31:06.724Z Updated: 2024-08-23T15:33:06.214Z Open on db.gcve.eu Reference links https://vuldb.com/?id.275568 https://vuldb.com/?ctiid.275568 https://vuldb.com/?submit.396324 https://github.com/0xffaaa/cve/blob/main/ecommerce-Unauthorized%20arbitrary%20file%20upload%20vulnerability.md https://www.sourcecodester.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-8087`	vulnerable	2026-06-03 14:58:08.303988	SourceCodester E-Commerce System popup_Item.php sql injection MEDIUM (6.3) A vulnerability was found in SourceCodester E-Commerce System 1.0 and classified as critical. This issue affects some unknown processing of the file /ecommerce/popup_Item.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2024-08-22T23:00:06.392Z Updated: 2024-08-23T14:14:13.790Z Open on db.gcve.eu Reference links https://vuldb.com/?id.275567 https://vuldb.com/?ctiid.275567 https://vuldb.com/?submit.396321 https://github.com/0xffaaa/cve/blob/main/ecommerce-Unauthorized%20sql%20union%20injection.md https://www.sourcecodester.com/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-8086`	vulnerable	2026-06-03 14:58:08.301728	SourceCodester E-Commerce System Admin Login login.php sql injection HIGH (7.3) A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ecommerce/admin/login.php of the component Admin Login. The manipulation of the argument user_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2024-08-22T22:31:05.395Z Updated: 2024-08-23T14:11:34.333Z Open on db.gcve.eu Reference links https://vuldb.com/?id.275566 https://vuldb.com/?ctiid.275566 https://vuldb.com/?submit.396320 https://github.com/0xffaaa/cve/blob/main/ecommerce-Universal%20password%20bypasses%20login%20verification.md https://www.sourcecodester.com/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.