Vulnerability Details CVE-2020-24208
A SQL injection vulnerability in SourceCodester Online Shopping Alphaware 1.0 allows remote unauthenticated attackers to bypass the authentication process via email and password parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.035
EPSS Ranking 87.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://packetstormsecurity.com/files/158684/Online-Shopping-Alphaware-1.0-SQL-Injection.html
- https://www.exploit-db.com/exploits/48725
- https://www.sourcecodester.com/download-code?nid=14368&title=Online+Shopping+Alphaware+in+PHP%2FMysql
- https://packetstormsecurity.com/files/158684/Online-Shopping-Alphaware-1.0-SQL-Injection.html
- https://www.exploit-db.com/exploits/48725
- https://www.sourcecodester.com/download-code?nid=14368&title=Online+Shopping+Alphaware+in+PHP%2FMysql
Products affected by CVE-2020-24208
-
cpe:2.3:a:online_shopping_alphaware_project:online_shopping_alphaware:1.0