A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument cat_id/brand_id/keyword leads to sql injection.

This vulnerability is known as CVE-2024-2351. The attack can be launched remotely. Furthermore, there is an exploit available.