CVE-2023-38912

Name of the Vulnerable Software and Affected Versions Super Store Finder PHP Script version 3.6

Description A SQL injection issue allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter. This enables the attacker to potentially access and manipulate sensitive data.

Recommendations For Super Store Finder PHP Script version 3.6, as a temporary workaround, consider restricting access to the username parameter in the affected API endpoint until a patch is available. Avoid using the username parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.