PT-2026-55722 · Codeastro · Ecommerce-Website
Lchen-0
·
Published
2026-07-04
·
Updated
2026-07-04
·
CVE-2026-14639
CVSS v3.1
6.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
A vulnerability has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /ecommerce-website-php/customer/my account.php?edit account. Such manipulation of the argument c name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Exploit
Fix
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ecommerce-Website