Submit #366239: Hitout carsale V1.0 SQL Injection
| Title | Hitout carsale V1.0 SQL Injection |
|---|---|
| Description | SQL injection vulnerability in Hitout litemall v.1.0 allows a remote attacker to obtain sensitive information via the orderBy parameters of the OrderController.java component. |
| Source | ⚠️ https:/ |
| User | Tmac (UID 71244) |
| Submission | 06/29/2024 04:58 (2 years ago) |
| Moderation | 07/02/2024 06:52 (3 days later) |
| Status | Accepted |
| VulDB entry | 270166 [Hitout Carsale 1.0 OrderController.java orderBy sql injection] |
| Points | 15 |