Lucene search
+L

25 matches found

CVE
CVE
added 2026/07/05 9:15 a.m.21 views

CVE-2026-14734

SourceCodester Class and Exam Timetabling System 1.0 contains a SQL injection flaw in the edit_product.php file (vulnerable function handling ID). The vulnerability arises from manipulating the ID parameter, enabling remote exploitation. Exploitation details are published (in-the-wild PoC), with ...

7.5CVSS6.8AI score0.00412EPSS
Exploits0References6
EUVD
EUVD
added 2025/11/03 6:31 p.m.3 views

EUVD-2025-37499

Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /editproduct.php?id=1...

6.1CVSS5.7AI score0.0026EPSS
Exploits1References2
OSV
OSV
added 2025/11/03 4:15 p.m.6 views

CVE-2025-63448

Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /editproduct.php?id=1...

6.1CVSS5.8AI score0.0026EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/03 12:0 a.m.9 views

CVE-2025-63448

Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /editproduct.php?id=1...

0.0026EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/03 12:0 a.m.4 views

Water-Management-System 安全漏洞

Water-Management-System is an inventory management system by the individual developer Dikshant Naik. A security vulnerability exists in Water-Management-System version 1.0, which originates from cross-site scripting in the file /editproduct.php?id=1...

6.1CVSS6.1AI score0.0026EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/03 12:0 a.m.1 views

CVE-2025-63448

Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /editproduct.php?id=1...

5.8AI score0.0026EPSS
Exploits1References1
CVE
CVE
added 2025/11/03 12:0 a.m.13 views

CVE-2025-63448

Water Management System v1.0 is reported vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1. Concrete details appear across multiple sources (NVD, Red Hat, ENISA, CIRCL, CNNVD, CVE Lists) confirming a XSS issue affecting the /edit_product.php endpoint. The CVSS v3.1 base score is ...

6.1CVSS5.8AI score0.0026EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.9 views

Code-Projects Simple Food Ordering System 代码注入漏洞

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters pname, category, and price in the file /editproduct.php,...

6.1CVSS5.9AI score0.00351EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2025/10/07 2:23 p.m.286 views

Exploit for CVE-2025-52021

CVE-2025-52021 — Time-Based Blind SQL Injection in PuneethRedd...

8.1AI score0.00309EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:0 a.m.3 views

EUVD-2025-32719

A SQL Injection vulnerability exists in the editproduct.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The productid GET parameter is unsafely passed to a SQL query without proper validation or parameterization...

7.4AI score0.00309EPSS
Exploits1References2
CVE
CVE
added 2025/10/07 12:0 a.m.11 views

CVE-2025-52021

CVE-2025-52021 affects PuneethReddyHC Online Shopping System Advanced 1.0, specifically edit_product.php where the GET parameter product_id is interpolated into a SQL statement without validation or parameterization, enabling SQL Injection. The issue has been demonstrated in public advisories/exp...

9.8CVSS7.5AI score0.00309EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/03 10:29 p.m.14 views

CVE-2025-9797

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...

4.8CVSS7AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/01 10:2 p.m.14 views

CVE-2025-9797 mrvautin expressCart Edit Product edit injection

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...

4.8CVSS0.00246EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/01 10:2 p.m.2 views

CVE-2025-9797 mrvautin expressCart Edit Product edit injection

A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has be...

4.8CVSS6.6AI score0.00246EPSS
Exploits0References5
CVE
CVE
added 2025/09/01 10:2 p.m.38 views

CVE-2025-9797

The CVE-2025-9797 entry concerns mrvautin expressCart, impacting the Edit Product Page (/admin/product/edit/) where an injection vulnerability is triggered by an issue in an unknown function. Documents indicate the attack can be initialized remotely and that the exploit has been publicly disclose...

4.8CVSS6.6AI score0.00246EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/01 12:0 a.m.5 views

PT-2025-35513

Name of the Vulnerable Software and Affected Versions: expressCart versions prior to b31302f4e99c3293bd742c6d076a721e168118b0 Description: A vulnerability exists in the Edit Product Page component of expressCart. The issue involves an injection flaw within an unknown function of the...

4.8CVSS3.6AI score0.00246EPSS
Exploits0References10
CNVD
CNVD
added 2025/07/21 12:0 a.m.6 views

Dairy Farm Shop Management System edit-product.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter productname in the file...

8.8CVSS7.1AI score0.00315EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.5 views

SourceCodester Web-based Pharmacy Product Management System 注入漏洞

SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source Web-based pharmacy product management system. An injection vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System, which originates from a SQL injection due ...

8.8CVSS6.8AI score0.00443EPSS
Exploits1References5
CNVD
CNVD
added 2024/09/25 12:0 a.m.2 views

Dairy Farm Shop Management System Cross-Site Scripting Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the pname parameter of the...

5.9CVSS6.2AI score0.00221EPSS
Exploits1References1
OSV
OSV
added 2024/09/23 1:15 p.m.5 views

CVE-2024-46241

PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting XSS via the pname parameter in addproduct.php and editproduct.php...

5.9CVSS5.8AI score0.00221EPSS
Exploits1References1
Rows per page
Query Builder