2 matches found
newbee-mall SQL Injection Vulnerability
newbee-mall is an e-commerce system. A SQL injection vulnerability exists in the main/resources/mapper/NewBeeMallGoodsMapper.xml file in versions of newbee-mall prior to 2019-10-23, which stems from a lack of validation of externally entered SQL statements in database-based applications and can b...
CVE-2019-19113
main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall aka New Bee before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection...