CVE-2024-4070 | Kashipara Online Furniture Shopping Ecommerce Website 1.0 prodList.php prodType sql injection

Inserito da Angelo Barbosa | Apr 23, 2024 | CVE

A vulnerability has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and classified as critical. This vulnerability affects unknown code of the file prodList.php. The manipulation of the argument prodType leads to sql injection.

This vulnerability was named CVE-2024-4070. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-4070 | Kashipara Online Furniture Shopping Ecommerce Website 1.0 prodList.php prodType sql injection

Post correlati

CVE-2023-50059 | Ingalxe Galxe platform 1.0 Web3 Authentication information disclosure

VDB-263594 | Campcodes Complete Web-Based School Management System 1.0 show_student_grade_subject.php id cross site scripting

CVE-2024-1414 | Exclusive Addons for Elementor Plugin up to 2.6.9 on WordPress Call To Action Widget cross site scripting

CVE-2024-0196 | Magic-Api up to 2.0.1 save code injection