CVE-2024-9974 | SourceCodester Online Eyewear Shop 1.0 POST Request Master.php?f=add_to_card product_id sql injection

Posted by Angelo Barbosa | Oct 15, 2024 | CVE

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=add_to_card of the component POST Request Handler. The manipulation of the argument product_id leads to sql injection.

This vulnerability is known as CVE-2024-9974. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-9974 | SourceCodester Online Eyewear Shop 1.0 POST Request Master.php?f=add_to_card product_id sql injection

Related Posts

CVE-2024-45075 | IBM webMethods Integration 10.15 single-factor authentication

CVE-2023-37527 | HCL BigFix Platform up to 9.5.23/10.0.10 Web Reports cross site scripting (KB0110209)

CVE-2024-43900 | Linux Kernel up to 6.1.104/6.6.45/6.10.4 load_firmware_cb initialization

CVE-2024-28383 | Tenda AX12 22.03.01.16 sub_431CF0 ssid stack-based overflow