SourceCodester Moosikay E-Commerce System POST Parameter order.php sql injection
CVE-2023-0997
8.8HIGH
What is CVE-2023-0997?
A vulnerability has been identified in the Moosikay E-Commerce System version 1.0, specifically within the /Moosikay/order.php file handling POST parameters. Malicious manipulation of the 'username' argument allows for SQL injection attacks, which can be executed remotely. This vulnerability exposes the system to potential unauthorized data access and manipulation, underscoring the need for immediate attention and remediation by users of the platform.
Affected Version(s)
Moosikay E-Commerce System 1.0