Security Advisory

CVE-2024-4826

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-16 12:07:01

Last updated 2024-08-01 20:55:10

Assigner INCIBE

State PUBLISHED

Description

SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability could allow an attacker to retrieve all the information stored in the database by sending a specially crafted SQL query, due to the lack of proper sanitisation of the category_id parameter in the category.php file.

← Browse all CVEs View on cve.org ↗