This vulnerability in bSecure - Your Universal Checkout (up to version 1.7.9) arises from improper neutralization of special elements used in SQL commands, enabling Blind SQL Injection attacks. The vulnerability is remotely exploitable without privileges or user interaction, and it can lead to high confidentiality impact and low availability impact. The CVSS vector indicates network attack vector, low attack complexity, no privileges required, no user interaction, and scope change. No vendor advisory or patch information is currently available.

Successful exploitation could allow an attacker to extract sensitive information from the backend database (confidentiality impact) and cause partial denial of service (availability impact). Integrity impact is not indicated. The vulnerability is critical due to the potential for data exposure and disruption of service.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider applying any recommended workarounds from the vendor and monitor for updates. Avoid exposing vulnerable versions to untrusted networks where possible.