Lucene search
China National Vulnerability DatabaseCNVD-2023-29387HistoryApr 11, 2023 - 12:00 a.m.
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29387)
2023-04-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
online
laptop
store
sql injection
vulnerability
carlo montero
validation
external input
exploited
attackers
illegal sql commands
sensitive database data
cnvd-2023-29387
0.001 Low
EPSS
Percentile
48.9%
Online Computer and Laptop Store is an online computer and laptop store from Carlo Monteroβs personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter id of the file /classes/Master.php?f=delete_sub_category, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| carlo montero online computer and laptop store v | eq | 1.0 |
Related
nvd
nvd
CVE-2023-1958
2023-04-08 11:15:06
cvelist
cvelist
CVE-2023-1958 SourceCodester Online Computer and Laptop Store sql injection
2023-04-08 10:31:04
cve
cve
CVE-2023-1958
2023-04-08 11:15:06
prion
prion
Sql injection
2023-04-08 11:15:00