CVE-2023-7106 | code-projects E-Commerce Website 1.0 product_details.php prod_id sql injection

Posted by Angelo Barbosa | Dec 25, 2023 | CVE

A vulnerability was found in code-projects E-Commerce Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file product_details.php?prod_id=11. The manipulation of the argument prod_id leads to sql injection.

This vulnerability is known as CVE-2023-7106. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2023-7106 | code-projects E-Commerce Website 1.0 product_details.php prod_id sql injection

Related Posts

CVE-2024-44818 | ZZCMS up to 2023 Header caina.php HTTP_Referer cross site scripting

CVE-2024-3824 | Base64 Encoder Decoder Plugin up to 0.9.2 on WordPress Setting cross-site request forgery

CVE-2024-21731 | Joomla CMS up to 3.10.15/4.4.5/5.1.1 StringHelper::truncate cross site scripting

CVE-2024-40723 | CHANGING Information Technology HWATAIServiSign prior 1.0.24.0219 on Windows API stack-based overflow