Vulnerability Details CVE-2024-25248
SQL Injection vulnerability in the orderGoodsDelivery() function in Niushop B2B2C V5 allows attackers to run arbitrary SQL commands via the order_id parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.8%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-25248
-
cpe:2.3:a:niushop:b2b2c_multi-business:5.0