Product

TMD Vendor System 3.x

1 brief RSS

Opencart TMD Vendor System Blind SQL Injection Vulnerability (CVE-2021-47928)

Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability (CVE-2021-47928) that allows unauthenticated attackers to extract database information by injecting SQL code through the product_id parameter, potentially leading to account takeover and data exfiltration.

TMD Vendor System 3.x sql-injection cve-2021-47928 opencart web-application

2r 2t 1c 5m ago