ГлавнаяУязвимости → CVE-2024-50970
8.8высокая

CVE-2024-50970

Описание

A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Затрагиваемое ПО
Nikoarroyocuraza Online furniture shopping project
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/Akhlak2511/CVE-2024-50970https://itsourcecode.com/free-projects/php-project/online-furniture-shop-in-php-projects-free-source-code-and-database/