Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php.
References
Link | Resource |
---|---|
https://medium.com/@grimthereaperteam/online-shopping-system-advanced-sql-injection-at-product-php-c55c435c35c2 | Exploit Third Party Advisory |
https://github.com/PuneethReddyHC/online-shopping-system-advanced | Product |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-11-28 20:15
Updated : 2022-11-29 20:58
NVD link : CVE-2022-42109
Mitre link : CVE-2022-42109
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
online-shopping-system-advanced_project
- online-shopping-system-advanced