CVE-2024-12794 | Codezips E-Commerce Site 1.0 /admin/editorder.php dstatus/quantity/ddate sql injection

Inserito da Angelo Barbosa | Dic 19, 2024 | CVE

A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-12794. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-12794 | Codezips E-Commerce Site 1.0 /admin/editorder.php dstatus/quantity/ddate sql injection

Post correlati

CVE-2021-3740 | chatwoot up to 2.3.x session fixiation

CVE-2022-48462 | Unisoc S8000 Wifi Service out-of-bounds write

CVE-2024-23308 | F5 BIG-IP Advanced WAF/BIG-IP ASM 17.1.0 Request Body null pointer dereference (K000137416)

CVE-2015-10129 | planet-freo up to 20150116 admin/inc/auth.inc.php auth comparison