Critical severityNVD Advisory· Published Dec 11, 2025· Updated Apr 15, 2026
CVE-2024-58290
CVE-2024-58290
Description
Xhibiter NFT Marketplace 1.10.2 contains a SQL injection vulnerability in the collections endpoint that allows attackers to manipulate database queries through the 'id' parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or manipulate database information by sending crafted payloads to the collections page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =1.10.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.