First published: Thu Aug 25 2022(Updated: )
A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Simple And Nice Shopping Cart Script Project Simple And Nice Shopping Cart Script |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-2957 is a critical vulnerability found in SourceCodester Simple and Nice Shopping Cart Script, allowing remote attackers to launch SQL injection attacks.
All versions of Simple and Nice Shopping Cart Script are affected by CVE-2022-2957.
CVE-2022-2957 has a severity rating of critical (9.8).
CVE-2022-2957 is associated with CWE IDs 89, 707, and 74.
To fix CVE-2022-2957, it is recommended to apply the latest security patches or updates provided by Simple and Nice Shopping Cart Script.