CVE-2025-7410 code-projects LifeStyle Store cart_remove.php sql injection

A vulnerability was found in code-projects LifeStyle Store 1.0. It has been classified as critical. Affected is an unknown function of the file /cartremove.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2021-43157

Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cartremove.php...

CVE-2021-43158

In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cartremove.php allows a remote attacker to remove any product in the customer's cart...

Sql injection

Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cartremove.php...

CVE-2021-43157

The CVE-2021-43157 issue affects Projectworlds Online Shopping System PHP 1.0, where SQL injection is possible via the id parameter in cart_remove.php. The entry is supported by multiple connected records (e.g., NVD CVE-2021-43157 notes a SQL injection vulnerability). CVSS metrics indicate a high...

CVE-2021-43157

Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cartremove.php...

CVE-2021-43158

CVE-2021-43158 refers to a CSRF vulnerability in the ProjectWorlds Online Shopping System PHP 1.0, specifically in cart_remove.php, that enables a remote attacker to remove any product from a customer’s cart. The vulnerability is documented across multiple sources (NVD entry and CNVD/CVE records)...