CVE-2023-0673: SourceCodester Online Eyewear Shop sql injection
First published: Sat Feb 04 2023(Updated: )
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file oews/?p=products/view_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The associated identifier of this vulnerability is VDB-220195.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Online Eyewear Shop Project Online Eyewear Shop | =1.0 | |
| Oretnom23 Online Eyewear Shop | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/author
- agent/references
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/title
- agent/severity
- agent/description
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/online eyewear shop project
- canonical/online eyewear shop project online eyewear shop
- version/online eyewear shop project online eyewear shop/1.0
- vendor/oretnom23
- canonical/oretnom23 online eyewear shop
- version/oretnom23 online eyewear shop/1.0