3 matches found
Exrick XMall - SQL Injection
XMall v1.1 was discovered to contain a SQL injection vulnerability via the 'orderDir' parameter. id: CVE-2024-24112 info: name: Exrick XMall - SQL Injection author: DhiyaneshDk severity: critical description: | XMall v1.1 was discovered to contain a SQL injection vulnerability via the 'orderDir'...
CVE-2024-24112
xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter...
CVE-2024-24112
XMall v1.1 is affected by a SQL injection via the orderDir parameter. Unauthenticated attackers can potentially exfiltrate data. The CVSSv3.1 base score is 9.8 (CRITICAL). Remediation: update Exrick XMall to a version newer than 1.1 (as indicated by sources in the connected documents).