ECShop SQL Injection Vulnerability

ShopeX ECShop is an open source mall system of the Chinese business school ShopeX company . Support PC + H5 + APP + small program mall , source code free download experience , suitable for enterprise development and build mall. ECShop 4.1.1 version of the existence of SQL injection vulnerability ...

PT-2023-32015 · Ecshop · Ecshop

Name of the Vulnerable Software and Affected Versions: ECshop version 4.1.1 Description: A critical issue has been found in an unknown functionality of the file /admin/order.php. The manipulation of the goods id argument leads to SQL injection. This issue can be exploited remotely. Recommendation...