CVE-2024-2927

Name of the Vulnerable Software and Affected Versions code-projects Mobile Shop version 1.0

Description A critical issue has been found in the Login Page component, specifically in the Details.php file, where an unknown function is affected. The manipulation of the id argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For code-projects Mobile Shop version 1.0, as a temporary workaround, consider restricting access to the Details.php file or the Login Page component to minimize the risk of exploitation. Avoid using the id argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.