Grocerycrud - Grocery Crud - HIGH - CVE-2021-47811. The Grocery Crud version 1.6.4 is vulnerable to SQL injection via the 'order_by' parameter in POST requests at the ajax_list endpoint. This flaw enables remote attackers to craft malicious SQL queries, which can manipulate database operations, allowing unauthorized access to or modification of sensitive information. Proper sanitization and validation of input parameters are crucial to mitigate this risk. BADGES: 👾 EXPLOITED | 🟡 PoC | SecurityVulnerability.io