Description

A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/?p=products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The associated identifier of this vulnerability is VDB-220195.

Related CPE's

a

oretnom23

online_eyewear_shop

1.0

Vulnerable

References

https://vuldb.com/?ctiid.220195

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.220195

Third Party Advisory

Weaknesses

[email protected]

Primary
CWE-89

[email protected]

Secondary
CWE-89

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-02-04T08:15:08.147

2 years ago

Last modified

2024-09-07T12:56:42.300

10 months ago