Lucene search
K

11 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/22 1:34 p.m.7 views

CVE-2019-25440

WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...

8.8CVSS5.9AI score0.00232EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.4 views

PT-2026-4820

Name of the Vulnerable Software and Affected Versions dcap-qvl versions prior to 0.3.9 Description The dcap-qvl library contains a flaw in its quote verification logic. The library retrieves QE Identity collateral from the PCCS, but fails to verify the QE Identity signature against its certificat...

9.3CVSS5.9AI score0.00208EPSS
Exploits0References12
CVE
CVE
added 2026/01/04 12:32 p.m.23 views

CVE-2026-0579

CVE-2026-0579 affects Code-Projects Online Product Reservation System 1.0. A SQL injection exists in the POST Parameter Handler for /handgunner-administrator/edit.php, triggered by manipulating the arguments prod_id, name, price, model, or serial. The vulnerability is exploitable remotely and pub...

9.8CVSS7.2AI score0.00374EPSS
Exploits1References6Affected Software1
CNVD
CNVD
added 2025/10/15 12:0 a.m.5 views

E-Commerce Website product_add_qty.php file SQL injection vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter prodid in file /pages/productaddqty.php. An attacker can exploit this vulnerability to execu...

9.8CVSS8.3AI score0.00359EPSS
Exploits1References1
NVD
NVD
added 2025/10/11 11:15 a.m.6 views

CVE-2025-11597

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

9.8CVSS0.00359EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/11 11:2 a.m.12 views

CVE-2025-11597 code-projects E-Commerce Website product_add_qty.php sql injection

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

6.5CVSS0.00359EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/10/11 12:0 a.m.6 views

PT-2025-41685

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 where manipulation of the prod id argument in the file /pages/product add qty.php can lead to SQL injection. This issue is potential...

6.5CVSS6.3AI score0.00359EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/09/29 3:40 a.m.9 views

CVE-2025-11094

A security vulnerability has been detected in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/adminproductdetails.php. Such manipulation of the argument prodid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicl...

7.5CVSS7AI score0.00374EPSS
Exploits0References1
CVE
CVE
added 2025/09/28 3:32 a.m.17 views

CVE-2025-11094

CVE-2025-11094 affects code-projects E-Commerce Website 1.0. The vulnerability resides in the pages/admin_product_details.php script, where manipulation of the prod_id parameter leads to a SQL injection. The issue is exploitable remotely and has publicly disclosed exploit information. Multiple so...

9.8CVSS6.7AI score0.00374EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/09/28 3:32 a.m.8 views

CVE-2025-11094 code-projects E-Commerce Website admin_product_details.php sql injection

A security vulnerability has been detected in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/adminproductdetails.php. Such manipulation of the argument prodid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicl...

7.5CVSS0.00374EPSS
Exploits0References5
CNVD
CNVD
added 2015/03/06 12:0 a.m.3 views

WordPress Photocrati Theme SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's suite of blogging platforms developed using the PHP language, which supports personal blog sites on servers running PHP and MySQL.Photocrati is one of the photography themes. A SQL injection vulnerability exists in the ecomm-sizes.php script in...

7.5CVSS8.6AI score0.04737EPSS
Exploits2References1
Rows per page
Query Builder