Back

Surecart

Source: Tenable

Published:

<p>SureCart version 4.1.0 and likely prior versions are vulnerable to authenticated SQL injection via multiple parameters ('model_name', 'model_id', 'integration_id', 'provider') on the REST API endpoint '/surecart/v1/integrations/{id}'.</p> <p>The root cause is a flawed escaping bypass in the query

Read original article

Loading article...

Article not found