CVE-2024-9809 | SourceCodester Online Eyewear Shop 1.0 Master.php delete_product id sql injection

Posted by Angelo Barbosa | Oct 10, 2024 | CVE

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is the function delete_product of the file /classes/Master.php?f=delete_product. The manipulation of the argument id leads to sql injection.

This vulnerability is known as CVE-2024-9809. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-9809 | SourceCodester Online Eyewear Shop 1.0 Master.php delete_product id sql injection

Related Posts

CVE-2024-6776 | Google Chrome up to 126.0.6478.126 Audio use after free (ID 346692)

CVE-2024-26649 | Linux Kernel up to 6.6.14/6.7.2 amdgpu_ucode_request null pointer dereference (8b5bacce2d13/d3887448486c/bc03c02cc199)

CVE-2023-7145 | gopeak MasterLab up to 3.3.10 HTTP POST Request app/ctrl/Framework.php sqlInject pwd sql injection

CVE-2023-7194 | Meris Theme up to 1.1.2 on WordPress cross site scripting