CVE-2023-38890

Description

Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.

Related CPE's

Could not find any relations

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics