Unrated severityNVD Advisory· Published Aug 18, 2023· Updated Dec 8, 2025
CVE-2023-38890
CVE-2023-38890
Description
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Online Shopping Portal Project/Online Shopping Portal Projectdescription
- Range: = 3.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.