Lucene search
K

8 matches found

CNVD
CNVD
added 2025/10/13 12:0 a.m.5 views

E-Commerce Website edit_order_details.php File SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter orderid in file /pages/editorderdetails.php. An attacker can exploit this vulnerability to...

9.8CVSS8.3AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/09 1:12 a.m.8 views

CVE-2025-11420

A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/editorderdetails.php. The manipulation of the argument orderid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

9.8CVSS7AI score0.00384EPSS
Exploits1References1
NVD
NVD
added 2025/10/08 1:15 a.m.6 views

CVE-2025-11420

A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/editorderdetails.php. The manipulation of the argument orderid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

9.8CVSS0.00384EPSS
Exploits1References5
OSV
OSV
added 2025/10/08 1:15 a.m.2 views

CVE-2025-11420

A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/editorderdetails.php. The manipulation of the argument orderid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

9.8CVSS5.8AI score0.00384EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/08 12:32 a.m.8 views

CVE-2025-11420 code-projects E-Commerce Website edit_order_details.php sql injection

A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/editorderdetails.php. The manipulation of the argument orderid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

7.5CVSS0.00384EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/08 12:32 a.m.4 views

CVE-2025-11420 code-projects E-Commerce Website edit_order_details.php sql injection

A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/editorderdetails.php. The manipulation of the argument orderid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

7.5CVSS6.8AI score0.00384EPSS
Exploits1References5
CVE
CVE
added 2025/10/08 12:32 a.m.21 views

CVE-2025-11420

CVE-2025-11420 affects code-projects E-Commerce Website 1.0. The vulnerability is a SQL injection in the /pages/edit_order_details.php handler, triggered by manipulating the order_id parameter. The issue originates from lack of input validation for an externally supplied SQL statement, allowing a...

9.8CVSS6.8AI score0.00384EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.12 views

code-projects E-Commerce Website SQL注入漏洞

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter orderid in file /pages/editorderdetails.php. An attacker can exploit this vulnerability to...

9.8CVSS7.8AI score0.00384EPSS
Exploits1References6
Rows per page
Query Builder