SourceCodester Shopping Website check_availability.php sql injection
CVE-2023-3534
7.5HIGH
What is CVE-2023-3534?
A SQL injection vulnerability exists in the SourceCodester Shopping Website version 1.0, where the email argument in the check_availability.php file can be manipulated. This allows attackers to execute arbitrary SQL commands, potentially compromising the database and exposing sensitive information. The vulnerability can be exploited remotely, making it a significant concern for users of this e-commerce platform. Awareness and prompt remediation are essential to safeguarding against potential attacks.
Affected Version(s)
Shopping Website 1.0