CVE-2024-2351 | CodeAstro Ecommerce Site 1.0 Search action.php cat_id/brand_id/keyword sql injection

Inserito da Angelo Barbosa | Mar 9, 2024 | CVE

A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument cat_id/brand_id/keyword leads to sql injection.

This vulnerability is known as CVE-2024-2351. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-2351 | CodeAstro Ecommerce Site 1.0 Search action.php cat_id/brand_id/keyword sql injection

Post correlati

CVE-2024-1190 | Global Scape CuteFTP 9.3.0.3 Host/Username/Password denial of service

CVE-2024-0908 | Advanced Post Block Plugin up to 1.13.1 on WordPress authorization

CVE-2020-25720 | Samba LDAP improper authorization

CVE-2024-4738 | Campcodes Legal Case Management System 1.0 new_client cross site scripting