TonyShavez

1 exploit Active since Jan 2026
CVE-2021-47811 EXPLOITDB CRITICAL text WORKING POC
grocery_crud < 2.0.1 - SQL Injection via order_by Parameter
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order_by parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the order_by[] parameter in POST requests to the ajax_list endpoint to potentially extract or modify database information.
CVSS 9.1