First published: Thu Jul 22 2021(Updated: )
SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
E-commerce Website Project E-commerce Website | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-25205 is a SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 that allows remote attackers to execute arbitrary SQL statements.
CVE-2021-25205 is considered critical with a severity score of 9.8.
Version 1.0 of the E-commerce Website Project E-commerce Website is affected by CVE-2021-25205.
An attacker can exploit CVE-2021-25205 by sending specially crafted SQL statements via the update parameter to empViewUpdate.php.
A fix for CVE-2021-25205 is currently not available. It is recommended to apply security patches or updates from the vendor once they are released.