Description
The bindReplace function in the query factory in includes/classes/database.php in Loaded Commerce 7 does not properly handle : (colon) characters, which allows remote authenticated users to conduct SQL injection attacks via the First name and Last name fields in the address book.
Vulnerable configurations
Configuration 1
cpe:2.3:a:loadedcommerce:loaded7:-:*:*:*:*:*:*:*
EPSS
Percentile: 78%
Score: 0.01106
Rating: Low
CVSS3: 8.8 High
CVSS2: 6.5 Medium
Weaknesses
CWE-89