Unrated severityNVD Advisory· Published Dec 21, 2024· Updated Dec 24, 2024
Codezips E-Commerce Website login.php sql injection
CVE-2024-12884
Description
A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Affected products
2- Range: = 1.0
- Codezips/E-Commerce Websitev5Range: 1.0
Patches
Vulnerability mechanics
References
4- geochen.medium.com/sqli-in-login-php-of-e-commerce-website-using-php-1abacb5e2ccdmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.