3 matches found
CVE-2020-20675
Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/...
Sql injection
Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoodsListByConditions/...
CVE-2020-20675
Nuishop v2.3 is affected by an SQL injection in /goods/getGoodsListByConditions/. The vulnerability is caused by unsafely handling input in that endpoint, enabling attackers to manipulate database queries. Documented impact indicates high severity (CVSS 3.1: CRITICAL, 9.8) and high for confidenti...