SQL Injection Vulnerability in Sourcecodester Mobile Shop System in PHP MySQL 1.0

SQL Injection Vulnerability in Sourcecodester Mobile Shop System in PHP MySQL 1.0

CVE-2020-25905 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or (2) LoginAsAdmin.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.