Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
digiSHOP 多个SQL注入漏洞
Vulnerability Description
digiSHOP 3.1.17及更早版本中存在多个SQL注入漏洞,远程攻击者可以通过(1)在cart.php内的c参数和(2)未明的搜索模块参数执行任意SQL命令或获取完整的安装路径。
CVSS Information
N/A
Vulnerability Type
N/A