code-projects E-Commerce Website user_signup.php sql injection
CVE-2023-7107
9.8CRITICAL
What is CVE-2023-7107?
A security vulnerability was identified in the E-Commerce Website 1.0, specifically in the file user_signup.php. This flaw allows for SQL injection attacks through the manipulation of various user input fields including firstname, middlename, email, address, contact, and username. Attackers can exploit this vulnerability remotely, potentially leading to unauthorized access to sensitive data. The vulnerability is tracked under VDB-249002 and emphasizes the importance of securing user input to prevent SQL injection.
Affected Version(s)
E-Commerce Website 1.0