Online Shopping Portal is an open source online shopping portal. Online Shopping Portal is vulnerable to SQL injection in version 3.1, where an attacker can use the email parameter on the /check_availability.php endpoint to lack validation of external input SQL statements. An attacker can use this vulnerability to execute illegal SQL commands to steal sensitive database data.