CVE-2024-31821

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-31821

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-31821.json

Published

2024-04-29T18:15:07Z

Modified

2024-05-14T20:12:09Z

Summary

[none]

Details

SQL Injection vulnerability in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the manageQuantitiesAndProcurement method of the Orders_model.php component.

References

https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d22b54e8915f167a135046ceb857caaf8479c4da
https://gist.github.com/LioTree/5c963a37e2c335c22e74ca3d9aea32bb
https://liotree.github.io/2023/Ecommerce-CodeIgniter-Bootstrap.html

Affected packages

Git / github.com/kirilkirkov/ecommerce-codeigniter-bootstrap

Affected ranges

Type: GIT
Repo: https://github.com/kirilkirkov/ecommerce-codeigniter-bootstrap
Events: Introduced

0The exact introduced commit is unknown

Fixed

d22b54e8915f167a135046ceb857caaf8479c4da