CVE-2023-50847

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 28, 2023

Updated: Jan 4, 2024

CWE ID 89

Summary

CVE-2023-50847 is a critical SQL Injection vulnerability affecting the Collne Inc. Welcart e-Commerce platform. The issue arises from the application's failure to neutralize special elements in SQL commands, creating an opportunity for attackers to inject malicious code and potentially gain unauthorized access to sensitive data. This vulnerability can affect Welcart e-Commerce versions from n/a through 2.9.3, making it essential for users to apply the necessary patches as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tzjtu_
https://www.cve.org/CVERecord?id=CVE-2023-50847
https://nvd.nist.gov/vuln/detail/CVE-2023-50847

Back to Vulnerability Database

CVE-2023-50847

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations