3 matches found
CVE-2019-25391
Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through the blacklistitemid parameter. Attackers can send POST requests to the admin/bannedcustomers.php endpoint with crafted SQL payloads using SLEEP functio...
PT-2026-21438
Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through the blacklistitemid parameter. Attackers can send POST requests to the admin/bannedcustomers.php endpoint with crafted SQL payloads using SLEEP functio...
Ashop Shopping Cart SQL注入漏洞
Ashop Shopping Cart is a e-commerce platform developed by Ashop Corporation. Ashop Shopping Cart has a SQL injection vulnerability, which stems from insufficient input validation of the blacklistitemid parameter at the admin/bannedcustomers.php endpoint. This vulnerability may lead to time-based...