mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-29 09:41:05 +00:00
844 B
844 B
CVE-2023-38890
Description
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.