Security Advisory

CVE-2021-47811

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-15 23:25:53

Last updated 2026-03-05 01:28:42

Assigner VulnCheck

State PUBLISHED

Description

Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order_by parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the order_by[] parameter in POST requests to the ajax_list endpoint to potentially extract or modify database information.

← Browse all CVEs View on cve.org ↗