CVE-2024-2153 | SourceCodester Online Mobile Management Store 1.0 view_order.php id sql injection

Posted by Angelo Barbosa | Mar 3, 2024 | CVE

A vulnerability, which was classified as critical, was found in SourceCodester Online Mobile Management Store 1.0. This affects an unknown part of the file /admin/orders/view_order.php. The manipulation of the argument id leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-2153. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-2153 | SourceCodester Online Mobile Management Store 1.0 view_order.php id sql injection

Related Posts

CVE-2024-47071 | FreePBX OSS Endpoint Manager up to 14.0.3 Module path traversal

CVE-2024-32285 | Tenda W30E 1.0.1.25(633) formaddUserName password stack-based overflow

CVE-2023-31274 | AVEVA PI Server 2023/up to 2018 SP3 P05 Message Subsystem release of resource (icsa-24-018-01)

CVE-2024-42249 | Linux Kernel up to 6.9.9 spi_async information disclosure (8b9af6d67517/c86a918b1bdb)