Description
A vulnerability was found in sheilazpy eShop. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is e096c5849c4dc09e1074104531014a62a5413884. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217572.
References (3)
Core 3
Core References
Permissions Required, Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.217572
Permissions Required, Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.217572
Patch, Third Party Advisory patch
https://github.com/sheilazpy/eShop/commit/e096c5849c4dc09e1074104531014a62a5413884
Scores
CVSS v3
5.5
EPSS
0.0064
EPSS Percentile
46.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-89
Status
published
Products (1)
eshop_project/eshop
< 2013-01-13
Published
Jan 06, 2023
Tracked Since
Feb 18, 2026