3 matches found
CVE-2021-37593
PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest unauthenticated can inject a malicious SQL query in order to affect the execution of predefined SQL commands. Upon a successful SQL injection attack, an attacker can read sensitive data from the database and possibly...
CVE-2021-37593
CVE-2021-37593 affects PEEL Shopping. Public/unauthenticated users can perform remote SQL injection, potentially reading and modifying database data. The vulnerability is reported against PEEL Shopping version 9.4.0 (and prior versions in some sources). Root cause: insecure handling of SQL querie...
PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection
Exploit Title: PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection Date: 2021-07-10 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.peel.fr Software Link: https://sourceforge.net/projects/peel-shopping/files/peel-shopping930.zip/download Version: prior to...