2 matches found
CVE-2024-2351 CodeAstro Ecommerce Site Search action.php sql injection
A vulnerability classified as critical was found in CodeAstro Ecommerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file action.php of the component Search. The manipulation of the argument catid/brandid/keyword leads to sql injection. The attack can be launched...
CVE-2024-2351
CVE-2024-2351 affects CodeAstro Ecommerce Site 1.0. The flaw is in the action.php of the Search component, where manipulating the arguments cat_id, brand_id, or keyword leads to SQL injection. It can be exploited remotely, and the exploit has been disclosed publicly. Public sources identify the v...