1 results (0.003 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Moosikay E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Moosikay/order.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. • https://github.com/jidle123/bug_report/blob/main/vendors/razormist/Moosikay%20-%20E-Commerce%20System/SQLi-1.md https://vuldb.com/?ctiid.221732 https://vuldb.com/?id.221732 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •