25 matches found
CVE-2026-14734
SourceCodester Class and Exam Timetabling System 1.0 contains a SQL injection flaw in the edit_product.php file (vulnerable function handling ID). The vulnerability arises from manipulating the ID parameter, enabling remote exploitation. Exploitation details are published (in-the-wild PoC), with ...
EUVD-2025-37499
Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /editproduct.php?id=1...
CVE-2025-63448
Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /editproduct.php?id=1...
CVE-2025-63448
Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /editproduct.php?id=1...
Water-Management-System 安全漏洞
Water-Management-System is an inventory management system by the individual developer Dikshant Naik. A security vulnerability exists in Water-Management-System version 1.0, which originates from cross-site scripting in the file /editproduct.php?id=1...
CVE-2025-63448
Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /editproduct.php?id=1...
CVE-2025-63448
Water Management System v1.0 is reported vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1. Concrete details appear across multiple sources (NVD, Red Hat, ENISA, CIRCL, CNNVD, CVE Lists) confirming a XSS issue affecting the /edit_product.php endpoint. The CVSS v3.1 base score is ...
Code-Projects Simple Food Ordering System 代码注入漏洞
Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters pname, category, and price in the file /editproduct.php,...
Exploit for CVE-2025-52021
CVE-2025-52021 — Time-Based Blind SQL Injection in PuneethRedd...
EUVD-2025-32719
A SQL Injection vulnerability exists in the editproduct.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The productid GET parameter is unsafely passed to a SQL query without proper validation or parameterization...
CVE-2025-52021
CVE-2025-52021 affects PuneethReddyHC Online Shopping System Advanced 1.0, specifically edit_product.php where the GET parameter product_id is interpolated into a SQL statement without validation or parameterization, enabling SQL Injection. The issue has been demonstrated in public advisories/exp...
CVE-2025-9797
A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...
CVE-2025-9797 mrvautin expressCart Edit Product edit injection
A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...
CVE-2025-9797 mrvautin expressCart Edit Product edit injection
A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...
CVE-2025-9797
The CVE-2025-9797 entry concerns mrvautin expressCart, impacting the Edit Product Page (/admin/product/edit/) where an injection vulnerability is triggered by an issue in an unknown function. Documents indicate the attack can be initialized remotely and that the exploit has been publicly disclose...
PT-2025-35513
Name of the Vulnerable Software and Affected Versions: expressCart versions prior to b31302f4e99c3293bd742c6d076a721e168118b0 Description: A vulnerability exists in the Edit Product Page component of expressCart. The issue involves an injection flaw within an unknown function of the...
Dairy Farm Shop Management System edit-product.php File SQL Injection Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter productname in the file...
SourceCodester Web-based Pharmacy Product Management System 注入漏洞
SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. An injection vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which originates from a SQL injection due ...
Dairy Farm Shop Management System Cross-Site Scripting Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the pname parameter of the...
CVE-2024-46241
PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting XSS via the pname parameter in addproduct.php and editproduct.php...