A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function update_cart of the file /oews/classes/Master.php?f=update_cart of the component HTTP POST Request Handler. The manipulation of the argument cart_id leads to sql injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The identifier VDB-220245 was assigned to this vulnerability.
History

Mon, 25 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 07 Sep 2024 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Oretnom23
Oretnom23 online Eyewear Shop
CPEs cpe:2.3:a:online_eyewear_shop_project:online_eyewear_shop:1.0:*:*:*:*:*:*:* cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:*
Vendors & Products Online Eyewear Shop Project
Online Eyewear Shop Project online Eyewear Shop
Oretnom23
Oretnom23 online Eyewear Shop

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2023-02-06T18:50:20.362Z

Updated: 2024-11-25T15:38:23.464Z

Reserved: 2023-02-06T18:48:46.088Z

Link: CVE-2023-0686

cve-icon Vulnrichment

Updated: 2024-08-02T05:17:50.351Z

cve-icon NVD

Status : Modified

Published: 2023-02-06T20:15:14.367

Modified: 2024-11-21T07:37:37.617

Link: CVE-2023-0686

cve-icon Redhat

No data.