Vulnerability CVE-2022-30004


Published: 2022-09-26

Description:
Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection..

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Online Market Place Site 1.0 SQL Injection
Joe Pollock
06.09.2022

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 References:
https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html
https://packetstormsecurity.com/files/168249/Online-Market-Place-Site-1.0-SQL-Injection.html

Copyright 2024, cxsecurity.com

 

Back to Top