18 matches found
CVE-2025-12335
A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplierupdate.php. This manipulation of the argument suppname/suppaddress causes cross site scripting. The attack can be initiated remotely. The...
CVE-2025-12333 code-projects E-Commerce Website supplier_add.php cross site scripting
A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
PT-2025-44061
Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 that allows for cross site scripting. The issue is located in the /pages/product add.php file. Manipulation of the prod name, prod...
PT-2025-44065
Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A cross site scripting issue exists in code-projects E-Commerce Website version 1.0. The issue is related to the manipulation of the supp name/supp address argument within the file...
CVE-2025-11597
Summary: CVE-2025-11597 affects the code-projects E-Commerce Website 1.0. The vulnerability resides in the file /pages/product_add_qty.php, where the argument prod_id is not validated, leading to SQL injection. Multiple sources corroborate a remote-exploit scenario with publicly available exploit...
CVE-2025-11513
A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplierupdate.php. This manipulation of the argument suppid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and...
CVE-2025-11509
A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/productadd.php. Performing manipulation of the argument prodname results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...
CVE-2025-11511 code-projects E-Commerce Website supplier_add.php sql injection
A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplieradd.php. Executing manipulation of the argument suppemail can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-11511 code-projects E-Commerce Website supplier_add.php sql injection
A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplieradd.php. Executing manipulation of the argument suppemail can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-11511
CVE-2025-11511 affects the code-projects E-Commerce Website 1.0, specifically the file /pages/supplier_add.php. The vulnerability arises from insufficient validation/manipulation protection of the supp_email parameter, allowing SQL injection and enabling remote exploitation. Multiple sources note...
CVE-2025-11094
CVE-2025-11094 affects code-projects E-Commerce Website 1.0. The vulnerability resides in the pages/admin_product_details.php script, where manipulation of the prod_id parameter leads to a SQL injection. The issue is exploitable remotely and has publicly disclosed exploit information. Multiple so...
CVE-2025-11094 code-projects E-Commerce Website admin_product_details.php sql injection
A security vulnerability has been detected in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/adminproductdetails.php. Such manipulation of the argument prodid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicl...
CVE-2025-11036
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/adminaccountupdate.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
CVE-2025-11037 code-projects E-Commerce Website admin_index_search.php sql injection
A security flaw has been discovered in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/adminindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack may be initiated remotely. The exploit has been released to th...
CVE-2025-11036 code-projects E-Commerce Website admin_account_update.php sql injection
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/adminaccountupdate.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
CVE-2025-11036 code-projects E-Commerce Website admin_account_update.php sql injection
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/adminaccountupdate.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
PT-2025-38706
Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 where manipulation of the user id argument in the file '/pages/admin account delete.php' can lead to SQL injection. This issue is...
PT-2023-32876 · Unknown · Code-Projects E-Commerce Website
Name of the Vulnerable Software and Affected Versions: code-projects E-Commerce Website version 1.0 Description: A critical issue was found in the code-projects E-Commerce Website, affecting an unknown functionality of the file product details.php. The manipulation of the prod id argument leads t...