Critical Vulnerability in Itsourcecode E-Commerce Website 1.0 Affects Search_List.php File

CVE-2024-8139
9.8CRITICAL

Key Information

Vendor
Itsourcecode
Status
E-commerce Website
Vendor
CVE Published:
25 August 2024

Summary

A vulnerability has been found in itsourcecode E-Commerce Website 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file search_list.php. The manipulation of the argument user leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Affected Version(s)

E-Commerce Website = 1.0

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Risk change from: null to: 6.3 - (MEDIUM)

  • Vulnerability published.

  • VulDB entry last update

  • Advisory disclosed

  • Vulnerability Reserved.

  • VulDB entry created

Collectors

NVD DatabaseMitre Database

Credit

Thorat (VulDB User)
.