SQL Injection Vulnerability in Special Minds e-Commerce Allows Attacker Access
CVE-2024-7882
6.5MEDIUM
Key Information:
- Status
- Vendor
- CVE Published:
- 22 November 2024
What is CVE-2024-7882?
A vulnerability exists in the e-Commerce software from Special Minds Design, allowing for SQL Injection due to improper neutralization of special elements used in SQL commands. This could enable an attacker to execute unauthorized SQL commands, potentially compromising the database and exposing sensitive data. Users of versions prior to 22.11.2024 are encouraged to review system configurations and apply necessary security updates to mitigate the risk associated with this vulnerability.
Affected Version(s)
e-Commerce 0 < 22.11.2024