CVE-2021-37593 – PEEL Shopping before 9.4.0.1 allows remote SQL injection. A public user/guest (unauthentic …

30 July 2021

Vuln ID: CVE-2021-37593

Published: 2021-07-30 14:15:18Z

Description: PEEL Shopping before 9.4.0.1 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL query in order to affect the execution of predefined SQL commands via the id parameter on the achat/produit_details.php?id={SQLi] endpoint. Upon a successful SQL injection attack, an attacker can read sensitive data from the database or modify database data.

Source: NVD.NIST.GOV

Date:

30 July 2021

Categorie(s):

NVD

Tag(s):

NVD

The Importance of OT Security: The Evolving Threat Landscape – Ken Townsend – CSP #17016 April 2024
20 iPhone tips you might not have seen16 April 2024
SIM swap crooks solicit T-Mobile US, Verizon staff via text to do their dirty work16 April 2024
New online data privacy legislation examined16 April 2024
Why identity has become a Trojan horse, and what to do about it16 April 2024