CVE-2022-2957

Summary

A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability.

Affected Software

VendorProductVersion RangeStatus
SourceCodesterSimple and Nice Shopping Cart Scriptn/aaffected

Weaknesses

  • CWE-89: CWE-89 SQL Injection -> CWE-74 Injection -> CWE-707 Improper Neutralization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References