SourceCodester Shopping Website search-result.php sql injection
CVE-2023-3502
7.5HIGH
What is CVE-2023-3502?
A vulnerability exists in the SourceCodester Shopping Website 1.0, specifically within the search-result.php file, where improper handling of user input allows an attacker to manipulate the 'product' argument. This results in SQL injection, enabling remote exploitation. The vulnerability has been publicly disclosed, posing a risk to users of the affected software, and it allows unauthorized access to database information through crafted SQL queries.
Affected Version(s)
Shopping Website 1.0