SQL injection vulnerability in Simple PHP Shopping Cart...
Critical severity
Unreviewed
Published
May 16, 2024
to the GitHub Advisory Database
•
Updated May 16, 2024
Description
Published by the National Vulnerability Database
May 16, 2024
Published to the GitHub Advisory Database
May 16, 2024
Last updated
May 16, 2024
SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability could allow an attacker to retrieve all the information stored in the database by sending a specially crafted SQL query, due to the lack of proper sanitisation of the category_id parameter in the category.php file.
References