3 matches found
CVE-2023-38890
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling...
CVE-2023-38890
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling...
CVE-2023-38890
CVE-2023-38890 affects Online Shopping Portal Project 3.1, where the login form’s username input allows SQL Injection due to insufficient input validation. This is a remote code execution/unauthorized-access risk via crafted queries, with public references to exploits (e.g., ExploitDB 50029) and ...