9 matches found
CVE-2024-24112
xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter...
CVE-2024-24112
xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter...
SQL injection
xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter...
Exrick XMall Security Vulnerability
Exrick XMall is a distributed e-commerce shopping mall based on SOA architecture. A security vulnerability exists in Exrick XMall v1.1, which stems from the discovery of an SQL injection vulnerability via the orderDir parameter...
CVE-2024-24112
xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter...
CVE-2024-24112
xmall v1.1 was discovered to contain a SQL injection vulnerability via the orderDir parameter...
CVE-2024-24112
XMall v1.1 is affected by a SQL injection via the orderDir parameter. Unauthenticated attackers can potentially exfiltrate data. The CVSSv3.1 base score is 9.8 (CRITICAL). Remediation: update Exrick XMall to a version newer than 1.1 (as indicated by sources in the connected documents).
PT-2024-20276 · Xmall · Xmall
Name of the Vulnerable Software and Affected Versions: xmall version 1.1. Description: The issue is a SQL injection vulnerability. It occurs via the orderDir parameter. Recommendations: For xmall version 1.1, as a temporary workaround, consider restricting the use of the orderDir parameter until a...
SolarWinds Storage Resource Monitor Profiler Module HostStorageServlet SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the HostStorageServlet servlet in th...