1 results (0.002 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0997 – SourceCodester Moosikay E-Commerce System POST Parameter order.php sql injection
https://notcve.org/view.php?id=CVE-2023-0997
A vulnerability was found in SourceCodester Moosikay E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Moosikay/order.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. • https://github.com/jidle123/bug_report/blob/main/vendors/razormist/Moosikay%20-%20E-Commerce%20System/SQLi-1.md https://vuldb.com/?ctiid.221732 https://vuldb.com/?id.221732 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •