Filtered by vendor Loadedcommerce
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-5140 | 1 Loadedcommerce | 1 Loaded7 | 2024-11-21 | 8.8 High |
| The bindReplace function in the query factory in includes/classes/database.php in Loaded Commerce 7 does not properly handle : (colon) characters, which allows remote authenticated users to conduct SQL injection attacks via the First name and Last name fields in the address book. | ||||
Page 1 of 1.