CVE-2025-51968

A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions...

CVE-2025-51968

The CVE-2025-51968 entry concerns PuneethReddyHC Online Shopping System Advanced 1.0, where the SQL Injection vulnerability arises in the action.php file due to unsanitized input in the proId POST parameter. The impact described is that attackers can inject arbitrary SQL expressions. No exploitat...

PuneethReddyHc Online Shopping System Advanced 安全漏洞

PuneethReddyHc Online Shopping System Advanced is an open source online shopping system from the individual developers at Puneeth Reddy HC in India. A security vulnerability exists in PuneethReddyHc Online Shopping System Advanced version 1.0, which stems from the proId parameter not being cleare...

Modern Bag action.php file SQL injection vulnerability

Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter proId in file /action.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL comman...

Code-Projects Modern Bag 注入漏洞

Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter proId in file /action.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL comman...

Code-Projects Online Shopping Store 安全漏洞

Code-Projects Online Shopping Store is a Code-Projects open source online store. A security vulnerability exists in Code-Projects Online Shopping Store version 1.0, which originates from SQL injection due to incorrect manipulation of the parameters catid/brandid/keyword/proId/pid in file/action.p...

CVE-2023-1736

A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this issue is some unknown functionality of the file cart/controller.php?action=add. The manipulation of the argument PROID leads to sql injection. The identifi...

CVE-2023-1736

A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this issue is some unknown functionality of the file cart/controller.php?action=add. The manipulation of the argument PROID leads to sql injection. The identifi...

Young Entrepreneur E-Negosyo System SQL注入漏洞

Young Entrepreneur E-Negosyo System is a Young Entrepreneur E-Negosyo System for janobe individual developers. A security vulnerability exists in SourceCodester Young Entrepreneur E-Negosyo System version 1.0, which stems from an incorrect manipulation of the parameter PROID resulting in sql...

PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection Vulnerability

PuneethReddyHC Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability. CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection...

PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection

CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection attacks. The proId parameter on the /action.php page does not sanitize the user input, an attacker can extract...

Exploit for SQL Injection in Online-Shopping-System-Advanced_Project Online-Shopping-System-Advanced

CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shoppin...

PT-2021-15923 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress plugin versions through 3.7.2 Description: The issue arises from the proid GET parameter not being properly sanitized, escaped, or validated before being inserted into a SQL statement. This leads to SQL injection. Recommendations: F...