3 matches found
CVE-2024-24027
SQL Injection vulnerability in Likeshop before 2.5.7 allows attackers to run abitrary SQL commands via the function DistributionMemberLogic::getFansLists...
CVE-2024-24027
SQL Injection vulnerability in Likeshop before 2.5.7 allows attackers to run abitrary SQL commands via the function DistributionMemberLogic::getFansLists...
CVE-2024-24027
CVE-2024-24027 affects Likeshop versions prior to 2.5.7, where a SQL injection vulnerability exists in DistributionMemberLogic::getFansLists. The root cause is improper handling of input in that function, enabling arbitrary SQL commands to be executed against the database. Impact is consistent wi...