Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/01/06 1:13 p.m.14 views

CVE-2026-0591

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

6.5CVSS7.2AI score0.00315EPSS
Exploits1References1
OSV
OSV
added 2026/01/05 2:15 p.m.6 views

CVE-2026-0591

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

9.8CVSS5.7AI score0.00315EPSS
Exploits1References6
NVD
NVD
added 2026/01/05 2:15 p.m.12 views

CVE-2026-0591

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

9.8CVSS0.00315EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/01/05 1:2 p.m.5 views

CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

6.5CVSS6.8AI score0.00315EPSS
Exploits1References6
CVE
CVE
added 2026/01/05 1:2 p.m.20 views

CVE-2026-0591

Code-projects Online Product Reservation System 1.0 contains a SQL injection vulnerability in the Cart Update Handler, specifically in the /app/checkout/update.php file’s unknown function. Manipulating the id/qty parameter can trigger the injection, enabling remote exploitation. Public exploit/Po...

9.8CVSS6.5AI score0.00315EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/01/05 1:2 p.m.31 views

CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

6.5CVSS0.00315EPSS
Exploits1References6
CNVD
CNVD
added 2025/11/18 12:0 a.m.3 views

mall-swarm authorization issue vulnerability (CNVD-2026-10881)

mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from an improper authorization issue in the updateAttr function in the file /cart/update/attr. No detailed vulnerability details are available at this time...

6.5CVSS5.5AI score0.0021EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/14 2:3 p.m.4 views

CVE-2025-13114

A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

6.5CVSS6.4AI score0.0021EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/13 3:30 p.m.4 views

EUVD-2025-169289

A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

6.5CVSS6AI score0.0021EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/13 1:32 p.m.1 views

CVE-2025-13114 macrozheng mall-swarm attr updateAttr improper authorization

A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

6.5CVSS6.2AI score0.0021EPSS
Exploits1References4
CVE
CVE
added 2025/11/13 1:32 p.m.10 views

CVE-2025-13114

The CVE-2025-13114 entry concerns macrozheng mall-swarm (versions up to 1.0.3). The vulnerability is in the updateAttr function of /cart/update/attr, allowing improper authorization and a remote attack. Public exploit material exists, and multiple feeds (Red Hat, EUVD/ENISA, CNNVD, CVE lists) cor...

6.5CVSS6.3AI score0.0021EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.4 views

mall-swarm 授权问题漏洞

mall-swarm is a microservice mall system. There is an authorization issue vulnerability in mall-swarm, which originates from an improper authorization issue in the updateAttr function in the file /cart/update/attr. No detailed vulnerability details are available at this time...

6.5CVSS6.6AI score0.0021EPSS
Exploits1References4
Rows per page
Query Builder