Lucene search
K

5 matches found

Nuclei
Nuclei
added 13 hours ago122 views

ECTouch v2 - SQL Injection

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php. id: CVE-2023-39560 info: name: ECTouch v2 - SQL Injection author: s4e-io severity: critical description: | ECTouch v2 was discovered to contain a SQL injection vulnerabili...

9.8CVSS7.1AI score0.04109EPSS
Exploits1References2
Circl
Circl
added 2023/08/28 8:16 p.m.10 views

CVE-2023-39560

creationtimestamp| type| source ---|---|--- 2023-08-28 20:16:46+00:00| seen| https://t.me/cibsecurity/69302...

9.8CVSS8.7AI score0.04109EPSS
Exploits1References1
OSV
OSV
added 2023/08/28 5:15 p.m.3 views

CVE-2023-39560

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

9.8CVSS5.8AI score0.04109EPSS
Exploits1References1
NVD
NVD
added 2023/08/28 5:15 p.m.40 views

CVE-2023-39560

ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr'id' parameter at \default\helpers\insert.php...

9.8CVSS9.8AI score0.04109EPSS
Exploits1References1
CVE
CVE
added 2023/08/28 12:0 a.m.72 views

CVE-2023-39560

ECTouch v2 is affected by a SQL injection flaw in default/helpers/insert.php via the id parameter ($arr['id']). The vulnerability allows unauthenticated attackers to extract database contents (e.g., customer data, orders, payments). Root cause: use of non-parameterized SQL queries. Evidence from ...

9.8CVSS9.7AI score0.04109EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder