← Back

Grocery Crud

grocery_crud

Vendor: Grocerycrud • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-47811
1Grocerycrud
1Grocery Crud
Feb 2, 2026
Jan 16, 2026
8.8 HIGH· v4
9.1 CRITICAL· v3
N/A· v2
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order_by parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the order_by[] parameter in...Show more
Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order_by parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the order_by[] parameter in POST requests to the ajax_list endpoint to potentially extract or modify database information.Show less