Lucene search
China National Vulnerability DatabaseCNVD-2023-29388HistoryApr 11, 2023 - 12:00 a.m.
Online Computer and Laptop Store SQL Injection Vulnerability (CNVD-2023-29388)
2023-04-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
online computer and laptop store
sql injection
cnvd-2023-29388
carlo montero
sql statements
validation
sensitive database data
exploit
0.001 Low
EPSS
Percentile
47.6%
Online Computer and Laptop Store is an online computer and laptop store from Carlo Monteroβs personal developer. Online Computer and Laptop Store v1.0 is vulnerable to SQL injection. The vulnerability stems from the lack of validation of external input SQL statements in the parameter category of the file /classes/Master.php?f=save_category, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| carlo montero online computer and laptop store v | eq | 1.0 |
Related
prion
prion
Sql injection
2023-04-08 11:15:00
nvd
nvd
CVE-2023-1959
2023-04-08 11:15:06
cve
cve
CVE-2023-1959
2023-04-08 11:15:06
cvelist
cvelist
CVE-2023-1959 SourceCodester Online Computer and Laptop Store sql injection
2023-04-08 11:00:05