Description


A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/?p=products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The associated identifier of this vulnerability is VDB-220195.

Related CPE's


References


https://vuldb.com/?ctiid.220195

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.220195

Third Party Advisory

Weaknesses



CWE-89


CWE-89

CVSS impact metrics


CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-02-04T08:15:08.147

2 years ago

Last modified

2024-09-07T12:56:42.300

10 months ago