CVE-2023-37772: SQL Injection
First published: Tue Aug 01 2023(Updated: )
Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Online Shopping Portal Project Online Shopping Portal | =3.1 | |
| PHPGurukul Online Shopping Portal | =3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-37772.
What is the severity of CVE-2023-37772?
The severity of CVE-2023-37772 is high.
What is the affected software version?
The affected software version is Online Shopping Portal Project v3.1.
How can the SQL injection vulnerability be exploited?
The SQL injection vulnerability can be exploited via the Email parameter at /shopping/login.php.
Are there any references related to CVE-2023-37772?
Yes, you can find references related to CVE-2023-37772 at http://phpgurukul.com/shopping-portal-free-download/, https://phpgurukul.com/, and https://github.com/anky-123/CVE-2023-37772/blob/main/CVE-2.
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/references
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/event
- collector/nvd-latest
- collector/mitre-cve
- source/MITRE
- vendor/online shopping portal project
- canonical/online shopping portal project online shopping portal
- version/online shopping portal project online shopping portal/3.1
- vendor/phpgurukul
- canonical/phpgurukul online shopping portal
- version/phpgurukul online shopping portal/3.1