CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

mall-swarm authorization issue vulnerability (CNVD-2026-10881)

mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from an improper authorization issue in the updateAttr function in the file /cart/update/attr. No detailed vulnerability details are available at this time...

EUVD-2025-169289

A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...