3 matches found
CVE-2024-25248
SQL Injection vulnerability in the orderGoodsDelivery function in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via the orderid parameter...
PT-2024-20843 · Unknown · Niushop B2B2C
Name of the Vulnerable Software and Affected Versions: Niushop B2B2C V5 Description: The issue concerns a SQL Injection vulnerability in the orderGoodsDelivery function, allowing attackers to execute arbitrary SQL commands via the order id parameter. Recommendations: For Niushop B2B2C V5, as a...
niushop b2b2c SQL Injection Vulnerability
Niushop niushop b2b2c is a PHP open source e-commerce multi-merchant system from China's NiuKu Information Technology Niushop. niushop b2b2c V5 version exists SQL injection vulnerability , the vulnerability stems from the orderGoodsDelivery function in the presence of SQL injection , allowing an...