📄 Description (English)
Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send POST requests to the ajax/productsFilterSearch endpoint with malicious 'q' values using time-based blind SQL injection techniques to extract sensitive database information.
🤖
Queued for AI Analysis
This CVE will be auto-analyzed on the next cron run.
🔗 References & Sources 3
🔗
https://www.exploit-db.com/exploits/47140
disclosure@vulncheck.com
Exploit
🔗
https://www.vulncheck.com/advisories/web-ofisi-platinum-e-ticaret-sql-injection-via-aja...
disclosure@vulncheck.com
Broken Link
🔗
https://www.web-ofisi.com/detay/platinum-e-ticaret-v5.html
disclosure@vulncheck.com
Product
📦 Affected Products / CPE 1 entries
web-ofisi:ticaret:5.0.0