E-Commerce Website product_add.php File SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter prodname in the file /pages/productadd.php. An attacker can exploit this vulnerability to...

CVE-2025-11509

A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/productadd.php. Performing manipulation of the argument prodname results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...

code-projects E-Commerce Website SQL注入漏洞

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter prodname in the file /pages/productadd.php. An attacker can exploit this vulnerability to...