Filtered by vendor Ashopsoftware
Subscriptions
Filtered by product Ashop Shopping Cart Software
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25391 | 1 Ashopsoftware | 1 Ashop Shopping Cart Software | 2026-02-23 | 8.2 High |
| Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through the blacklistitemid parameter. Attackers can send POST requests to the admin/bannedcustomers.php endpoint with crafted SQL payloads using SLEEP functions to extract sensitive database information. | ||||
Page 1 of 1.