CVE Published: 26/09/2023 |
CVE Updated: 24/09/2024 |
CVE Year: 2023 Source: jpcert |
Vendor: Collne Inc. |
Product: Welcart e-Commerce Status : PUBLISHED
CVE-2023-43610 Description
SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations.