VULHUB ™

It has been reported that CFWebstore is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user input before including it in an SQL statement. As a result of this a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It has been reported that an attacker may be able to disclose the administrator password hash by exploiting this issue.

It has been reported that CFWebstore is prone to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user input before including it in an SQL statement. As a result of this a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It has been reported that an attacker may be able to disclose the administrator password hash by exploiting this issue.