CVE-2021-47928

Opencart TMD Vendor System 3.x is affected by a blind SQL injection via the product_id parameter, allowing unauthenticated attackers to enumerate data from oc_user (usernames, emails, password reset codes). The vulnerability is described as a time-based/content-based blind injection with high con...

CVE-2021-47928

Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the productid parameter. Attackers can craft malicious SQL queries using time-based or content-based blind injection...

PT-2025-49556

A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /user school.php. The manipulation of the argument product id results in sql injection. The attack may be performed from remote. The exploit has been released t...

PuneethReddyHc Online Shopping System Advanced 安全漏洞

PuneethReddyHc Online Shopping System Advanced is an open source online shopping system by the individual developers of Puneeth Reddy HC in India. A security vulnerability exists in PuneethReddyHC Online Shopping System Advanced version 1.0, which stems from an unvalidated productid parameter and...