Critical severity9.1NVD Advisory· Published Jul 30, 2021· Updated Jun 17, 2026
CVE-2021-37593
CVE-2021-37593
Description
PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL query in order to affect the execution of predefined SQL commands. Upon a successful SQL injection attack, an attacker can read sensitive data from the database and possibly modify database data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PEEL/Shoppingdescription
- Range: =9.4.0
Patches
Vulnerability mechanics
References
3- www.netbytesec.com/advisories/UnauthenticatedBlindSQLInjectionVulnerabilityInPEELShopping/nvdExploitThird Party Advisory
- github.com/advisto/peel-shopping/issues/3nvdExploitIssue TrackingThird Party Advisory
- github.com/faisalfs10x/CVE-IDs/blob/main/2021/CVE-2021-37593/Proof_of_Concept.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.