2 matches found
CVE-2024-25248
SQL Injection vulnerability in the orderGoodsDelivery function in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via the orderid parameter...
CVE-2024-25248
Niushop B2B2C V5 is affected by a SQL Injection in the orderGoodsDelivery() function, exploitable via the order_id parameter. The CVE-2024-25248 entry shows a critical impact (C/H/I/A = High) with network access and no privileges required, per CVSS 3.1 metrics. Connected documents corroborate the...