GCVE - cpe:2.3:a:codezips:e-commerce_site:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:codezips:e-commerce_site:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Codezips (`d6987edb-dda5-55fa-ba47-db9343ba86ca`)
Product	E Commerce Site (`5d5f3e2d-ff51-50d1-b99c-ab16a21e4454`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-5049`	vulnerable	2026-06-03 14:57:51.597508	Codezips E-Commerce Site editproduct.php unrestricted upload MEDIUM (6.3) A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-264746 is the identifier assigned to this vulnerability. Published: 2024-05-17T14:00:05.805Z Updated: 2024-08-01T21:03:10.601Z Open on db.gcve.eu Reference links https://vuldb.com/?id.264746 https://vuldb.com/?ctiid.264746 https://vuldb.com/?submit.335838 https://github.com/polaris0x1/CVE/issues/2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-4923`	vulnerable	2026-06-03 14:57:16.485082	Codezips E-Commerce Site addproduct.php unrestricted upload MEDIUM (6.3) A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264460. Published: 2024-05-16T01:31:03.842Z Updated: 2024-08-01T20:55:10.274Z Open on db.gcve.eu Reference links https://vuldb.com/?id.264460 https://vuldb.com/?ctiid.264460 https://vuldb.com/?submit.333874 https://github.com/polaris0x1/CVE/issues/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-12794`	vulnerable	2026-06-03 14:54:23.184852	Codezips E-Commerce Site editorder.php sql injection MEDIUM (6.3) A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2024-12-19T18:00:19.939Z Updated: 2024-12-20T17:36:24.827Z Open on db.gcve.eu Reference links https://vuldb.com/?id.288975 https://vuldb.com/?ctiid.288975 https://vuldb.com/?submit.466241 https://github.com/laowuzi/cve/blob/main/E-commerce/E-commerce_editorder.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-12792`	vulnerable	2026-06-03 14:54:23.183709	Codezips E-Commerce Site newadmin.php sql injection HIGH (7.3) A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file newadmin.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2024-12-19T17:31:11.530Z Updated: 2024-12-20T17:48:23.647Z Open on db.gcve.eu Reference links https://vuldb.com/?id.288973 https://vuldb.com/?ctiid.288973 https://vuldb.com/?submit.465715 https://github.com/laowuzi/cve/blob/main/E-commerce/E-commerce-newadmin.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-12791`	vulnerable	2026-06-03 14:54:23.182627	Codezips E-Commerce Site signin.php sql injection HIGH (7.3) A vulnerability was found in Codezips E-Commerce Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file signin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2024-12-19T17:31:09.646Z Updated: 2024-12-20T17:50:09.693Z Open on db.gcve.eu Reference links https://vuldb.com/?id.288971 https://vuldb.com/?ctiid.288971 https://vuldb.com/?submit.465711 https://github.com/laowuzi/cve/blob/main/E-commerce/E-commerce-signin.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-11663`	vulnerable	2026-06-03 14:54:14.599143	Codezips E-Commerce Site search.php sql injection HIGH (7.3) A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2024-11-25T08:31:04.498Z Updated: 2024-11-26T15:29:37.830Z Open on db.gcve.eu Reference links https://vuldb.com/?id.285985 https://vuldb.com/?ctiid.285985 https://vuldb.com/?submit.447297 https://github.com/disinroot/CVE/issues/1	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.