Lucene search
China National Vulnerability DatabaseCNVD-2023-29366HistoryApr 16, 2023 - 12:00 a.m.
Online Computer and Laptop Store delete_order function SQL injection vulnerability
2023-04-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
online computer and laptop store
sql injection
delete_order
vulnerability
external input
illegal sql commands
sensitive database data.
0.001 Low
EPSS
Percentile
50.9%
Online Computer and Laptop Store is an online computer and laptop store. An SQL injection vulnerability exists in Online Computer and Laptop Store v1.0, which originates from the function delete_order in /classes/master.php?f=delete_order where the parameter id of delete_order lacks validation for external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| online computer and laptop store online computer and laptop store | eq | 1.0 |
Related
prion
prion
Sql injection
2023-04-11 19:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-1986
2023-04-11 19:15:08
cve
cve
CVE-2023-1986
2023-04-11 19:15:08