漏洞描述
Ecommerce-Website是完整的电子商务网站,带有使用 PHP 和 MySql 构建的管理面板。 Ecommerce-Website 1.0版本存在注入漏洞,该漏洞源于对参数pro_id的错误操作会导致SQL注入。
Ecommerce-Website 注入漏洞
PoC代码
暂无相关漏洞推荐
- Project-Online-Shopping-Website SQL注入漏洞
- Code-Projects E-Commerce Website SQL注入漏洞
- POC CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting
- POC CVE-2012-4032: WebsitePanel before v1.2.2.1 - Open Redirect
- POC CVE-2021-24891: WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting
- POC CVE-2022-1329: Elementor Website Builder - Remote Code Execution
- POC CVE-2022-29455: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting
- POC CVE-2024-13726: Themes Coder Ecommerce <= 1.3.4 - SQL Injection
- POC azure-storage-static-website-review: Azure Storage Static Website Configuration Review
- POC gcloud-bucket-website-config-not-defined: Define Index Page Suffix and Error Page for Bucket Website Configuration
- POC turbo-website-installer: Turbo Website Reviewer Installer Panel
- POC avada-xss: WordPress Avada Website Builder <7.4.2 - Cross-Site Scripting
- POC readymade-unilevel-sqli: Readymade Unilevel Ecommerce MLM - SQL Injection