🕵️ CVE-2023-1502 | SourceCodester Alphaware Simple E-Commerce System 1.0 edit_customer.php firstname/mi/lastname sql injection
Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/edit_customer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP(5) AND 'dAbu'='dAbu
leads to sql injection.
This vulnerability is handled as CVE-2023-1502. The attack may be launched remotely. Furthermore, there is an exploit available. ...