CVE Details
Basic Information
| Title | Campcodes Retro Basketball Shoes Online Store contactus.php sql injection |
|---|---|
| Type | cve |
| Published | 2023-04-21T07:31:03.384Z |
| Modified | 2024-08-02T06:12:20.673Z |
Product Information
| Vendor | Campcodes |
|---|---|
| Product | Retro Basketball Shoes Online Store |
| Version | 1.0 |
CVSS Information
| Base Score | 6.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability in the contactus.php file of Campcodes Retro Basketball Shoes Online Store version 1.0 allows remote attackers to inject malicious SQL code via the email argument. This could lead to unauthorized data access and manipulation. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Campcodes |
| AI Product | Retro Basketball Shoes Online Store |
| AI Version | 1.0 |
Affected Products
- Campcodes Retro Basketball Shoes Online Store 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical has been found in Campcodes Retro Basketball Shoes Online Store 1.0. This affects an unknown part of the file contactus.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-226971.