SourceCodester Online Eyewear Shop 1.0 Master.php?f=delete_product ID SQL Injection

Gaskiya vulnerability da aka ware a matsayin kura an samu a SourceCodester Online Eyewear Shop 1.0. Hakika, aikin delete_product ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil /classes/Master.php?f=delete_product, a cikin sashen $software_component. A sa manipulation of the argument ID ka SQL Injection. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-89. Hakika, rauni an bayyana shi 10/10/2024. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2024-9809. Ngam yiɗi ka a tuma ndiyam ka nder internet. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

3 Goyarwa · 70 Datenpunkte

FurɗeSúgá
10/10/2024 10:39		Gargadi 1/2
10/10/2024 10:54		Gargadi 2/2
10/10/2024 10:57
software_vendorSourceCodesterSourceCodesterSourceCodester
software_nameOnline Eyewear ShopOnline Eyewear ShopOnline Eyewear Shop
software_version1.01.01.0
software_file/classes/Master.php?f=delete_product/classes/Master.php?f=delete_product/classes/Master.php?f=delete_product
software_functiondelete_productdelete_productdelete_product
software_argumentididid
vulnerability_cweCWE-89 (SQL Injection)CWE-89 (SQL Injection)CWE-89 (SQL Injection)
vulnerability_risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_ePPP
cvss3_vuldb_rcRRR
advisory_urlhttps://github.com/wuyanzu-lab/cve/blob/main/sql.mdhttps://github.com/wuyanzu-lab/cve/blob/main/sql.mdhttps://github.com/wuyanzu-lab/cve/blob/main/sql.md
exploit_availability111
exploit_publicity111
exploit_urlhttps://github.com/wuyanzu-lab/cve/blob/main/sql.mdhttps://github.com/wuyanzu-lab/cve/blob/main/sql.mdhttps://github.com/wuyanzu-lab/cve/blob/main/sql.md
source_cveCVE-2024-9809CVE-2024-9809CVE-2024-9809
cna_responsibleVulDBVulDBVulDB
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rcURURUR
cvss4_vuldb_avNNN
cvss4_vuldb_acLLL
cvss4_vuldb_uiNNN
cvss4_vuldb_vcLLL
cvss4_vuldb_viLLL
cvss4_vuldb_vaLLL
cvss4_vuldb_ePPP
cvss2_vuldb_auSSS
cvss2_vuldb_rlNDNDND
cvss3_vuldb_prLLL
cvss3_vuldb_rlXXX
cvss4_vuldb_atNNN
cvss4_vuldb_prLLL
cvss4_vuldb_scNNN
cvss4_vuldb_siNNN
cvss4_vuldb_saNNN
cvss2_vuldb_basescore6.56.56.5
cvss2_vuldb_tempscore5.65.65.6
cvss3_vuldb_basescore6.36.36.3
cvss3_vuldb_tempscore5.75.75.7
cvss3_meta_basescore6.36.38.1
cvss3_meta_tempscore5.75.77.6
cvss4_vuldb_bscore5.35.35.3
cvss4_vuldb_btscore2.12.12.1
advisory_date1728511200 (10/10/2024)1728511200 (10/10/2024)1728511200 (10/10/2024)
price_0day$0-$5k$0-$5k$0-$5k
cvss3_researcher_avNN
cvss3_researcher_sCC
cvss3_researcher_aHH
cvss3_researcher_eXX
cvss3_researcher_rcRR
cvss3_researcher_uiNN
cvss3_researcher_prNN
cvss3_researcher_cHH
cvss3_researcher_iHH
cvss3_researcher_acLL
cvss3_researcher_rlXX
cvss3_researcher_basescore10.0

GurɗoGumtiGada

Interested in the pricing of exploits?

See the underground prices here!