vendor:
AFFCommerce Shopping Cart
by:
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: AFFCommerce Shopping Cart
Affected Version From: 1.1.2004
Affected Version To: 1.1.2004
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
AFFCommerce Shopping Cart SQL Injection Vulnerabilities
AFFCommerce Shopping Cart is prone to multiple SQL injection vulnerabilities. These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
Mitigation:
To mitigate these vulnerabilities, it is recommended to apply the latest patches and updates provided by the vendor. Additionally, input validation and parameterized queries should be implemented to prevent SQL injection attacks.