Sql injection

2023-09-2715:19:00

PRIOn knowledge base

www.prio-n.com

sql injection

welcart e-commerce

vulnerability

database operations

unauthorized access

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.4%

JSON

SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations.

CPENameOperatorVersion
welcart_e-commercege2.7
welcart_e-commercele2.8.21

CPE	Name	Operator	Version
	welcart_e-commerce	ge	2.7
	welcart_e-commerce	le	2.8.21

References

jvn.jp/en/jp/JVN97197972/

www.welcart.com/archives/20106.html