CVE-2023-4674

Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yaztek Software Technologies and Computer Systems E-Commerce Software allows SQL Injection.

This issue affects E-Commerce Software: through 20231229. 

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
Yaztek Software Technologies and Computer SystemsE-Commerce Software0 <= 20231229affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CVE Program Container

Additional References

References