Security Advisory

CVE-2023-5294

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-29 21:00:08

Last updated 2025-06-18 13:59:20

Assigner VulDB

State PUBLISHED

Description

A vulnerability has been found in ECshop 4.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/order.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240925 was assigned to this vulnerability.

← Browse all CVEs View on cve.org ↗