Online Computer and Laptop Store is an online computer and laptop store from Carlo Monteroβs personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of externally entered SQL statements in the parameter date_start/date_end in the file /admin/sales/index.php, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
carlo montero online computer and laptop store v | eq | 1.0 |