CVE-2024-25248 | Niushop B2B2C V5 orderGoodsDelivery order_id sql injection

CVE-2024-25248 | Niushop B2B2C V5 orderGoodsDelivery order_id sql injection

A vulnerability was found in Niushop B2B2C V5 and classified as critical. Affected by this issue is the function orderGoodsDelivery. The manipulation of the argument order_id leads to sql injection. This vulnerability is handled as CVE-2024-25248. The attack can only be done within the local network. There is no exploit available.