GHSA-pj25-44r7-9g5gLowCVSS 6.3

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown...

Published
July 5, 2026
Last Modified
July 5, 2026

🔗 CVE IDs covered (1)

📋 Description

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter Handler. The manipulation of the argument invoice_no results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

🔗 References (8)