69 matches found
CVE-2020-37081
CVE-2020-37081 describes multiple remote SQL injection vulnerabilities in Fishing Reservation System 7.5, affecting admin.php, cart.php, and calendar.php. The vulnerabilities allow attackers to inject SQL via parameters such as uid, pid, type, m, y, and code, potentially compromising the database...
CVE-2020-37081
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...
CVE-2024-44661
PHPGurukul Online Shopping Portal 2.0 is vulnerable to Cross-Site Scripting (XSS) via the quantity parameter in my-cart.php...
EUVD-2007-2326
Malware in sbrugna...
EUVD-2005-3152
Malware in sbrugna...
EUVD-2006-1353
Malware in sbrugna...
EUVD-2021-30102
Malicious code in bioql PyPI...
EUVD-2025-15695
Malicious code in bioql PyPI...
Online Shoe Store cart.php File SQL Injection Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter qty in the file /cart.php. The vulnerability can be exploited to execute illegal SQL...
CVE-2025-6304
The CVE-2025-6304 entry concerns code-projects Online Shoe Store 1.0, where the file /cart.php contains a vulnerable parameter qty[] that enables SQL injection. Multiple connected sources (CNVD/CNNVD/NVD etc.) confirm this SQL injection vector can be exploited remotely and that the exploit has be...
PT-2025-26272 · Unknown · Code-Projects Online Shoe Store
Name of the Vulnerable Software and Affected Versions: code-projects Online Shoe Store version 1.0 Description: A critical issue was found in the code-projects Online Shoe Store, affecting an unknown functionality of the file /cart.php. The manipulation of the qty argument leads to SQL injection...
CVE-2025-4930
CVE-2025-4930 affects Campcodes Online Shopping Portal 1.0, specifically the file /my-cart.php where manipulating the billingaddress argument leads to a SQL injection. The vulnerability is exploitable remotely and has public disclosure; multiple sources classify it as severe (critical to high/med...
CVE-2025-4930 Campcodes Online Shopping Portal my-cart.php SQL injection
A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /my-cart.php. The manipulation of the argument billingaddress leads to SQL injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-7067 kirilkirkov Ecommerce-Laravel-Bootstrap Cart.php getCartProductsIds deserialization
A vulnerability was found in kirilkirkov Ecommerce-Laravel-Bootstrap up to 1f1097a3448ce8ec53e034ea0f70b8e2a0e64a87. It has been rated as critical. Affected by this issue is the function getCartProductsIds of the file app/Cart.php. The manipulation of the argument laraCart leads to deserializatio...
Online Book System cart.php File SQL Injection Vulnerability
Online Book System is an online booking system. A SQL injection vulnerability exists in version 1.0 of the Online Book System due to a lack of validation of externally entered SQL statements in the quantity/remove parameter of the /cart.php file. An attacker can exploit this vulnerability to...
CVE-2024-3003
A vulnerability has been found in code-projects Online Book System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cart.php. The manipulation of the argument quantity/remove leads to SQL injection. The attack can be launched remotely. The...
CVE-2023-43739 Online Book Store Project v1.0 - Unauthenticated SQL Injection (SQLi)
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database...