CVE-2024-34949 | likeshop 2.5.7 getOrderList sql injection

Inserito da Angelo Barbosa | Mag 20, 2024 | CVE

A vulnerability classified as critical has been found in likeshop 2.5.7. This affects the function getOrderList. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-34949. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-34949 | likeshop 2.5.7 getOrderList sql injection

Post correlati

CVE-2024-51993 | Combodo iTop up to 3.1.x cleartext storage (GHSA-9mq5-349x-x427)

CVE-2024-7067 | kirilkirkov Ecommerce-Laravel-Bootstrap up to 1f1097a3448ce8ec53e034ea0f70b8e2a0e64a87 app/Cart.php getCartProductsIds laraCart deserialization

CVE-2023-49235 | TRENDnet TV-IP1314PI 5.5.3 200714 Debug Information libremote_dbg.so popen os command injection

CVE-2023-52203 | Oliver Seidel & Bastian Germann cformsII Plugin up to 15.0.5 on WordPress cross site scripting