CVE-2026-5836

Affected software and entry point: code-projects Online Shoe Store 1.0, vulnerable via /admin/admin_product.php with manipulation of the product_name parameter. Vulnerability type: cross site scripting (XSS). Impact/conditions: remote initiation; affects user input handling in the admin context; ...

CVE-2025-13423

A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element is an unknown function of the file /admin/adminproduct.php. Executing a manipulation of the argument productimage can lead to unrestricted upload. The attack may be launched remotely. The exploit has...

CVE-2025-12338

A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. This vulnerability affects unknown code of the file /admin/adminproduct.ph. Executing a manipulation of the argument pid can lead to sql injection. The attack may be launched remotely. The exploit has been made...

CVE-2025-8235

A vulnerability was found in code-projects Online Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/product.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-6343 code-projects Online Shoe Store admin_product.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/adminproduct.php. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...