PT-2026-55722 · Codeastro · Ecommerce-Website

Lchen-0

·

Published

2026-07-04

·

Updated

2026-07-04

·

CVE-2026-14639

CVSS v3.1

6.3

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/my account.php?edit account. Such manipulation of the argument c name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Exploit

Fix

SQL injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-14639

Affected Products

Ecommerce-Website