mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-30 02:00:45 +00:00
796 B
796 B
CVE-2023-38890
Description
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.