CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-24027

SQL Injection vulnerability in Likeshop before 2.5.7 allows attackers to run abitrary SQL commands via the function DistributionMemberLogic::getFansLists.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 46.9%

CVSS Severity

CVSS v3 Score 7.2

References

https://samyueru.substack.com/p/cve-2024-24027-sql-injection-trong-likeshop
https://samyueru.substack.com/p/cve-2024-24027-sql-injection-trong-likeshop

Products affected by CVE-2024-24027

Likeshop » Likeshop » Version: N/A

cpe:2.3:a:likeshop:likeshop:-
Likeshop » Likeshop » Version: 2.5.0

cpe:2.3:a:likeshop:likeshop:2.5.0
Likeshop » Likeshop » Version: 2.5.1

cpe:2.3:a:likeshop:likeshop:2.5.1
Likeshop » Likeshop » Version: 2.5.2

cpe:2.3:a:likeshop:likeshop:2.5.2
Likeshop » Likeshop » Version: 2.5.3

cpe:2.3:a:likeshop:likeshop:2.5.3
Likeshop » Likeshop » Version: 2.5.4

cpe:2.3:a:likeshop:likeshop:2.5.4
Likeshop » Likeshop » Version: 2.5.5

cpe:2.3:a:likeshop:likeshop:2.5.5
Likeshop » Likeshop » Version: 2.5.6

cpe:2.3:a:likeshop:likeshop:2.5.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-24027

Products

Pricing

Contact Us