SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" component.
9.8CVSS
9.9AI Score
0.001EPSS
Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value parameter.
9.8CVSS
9.7AI Score
0.002EPSS