EUVD-2021-34790

Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the productid parameter. Attackers can craft malicious SQL queries using time-based or content-based blind injection...

CVE-2021-47928

Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the productid parameter. Attackers can craft malicious SQL queries using time-based or content-based blind injection...

CVE-2025-14249

A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /userschool.php. The manipulation of the argument productid results in sql injection. The attack may be performed from remote. The exploit has been released to...

EUVD-2005-4015

Malware in sbrugna...

EUVD-2006-0385

Malware in sbrugna...

EUVD-2006-6928

Malware in sbrugna...

EUVD-2019-16265

Malware in sbrugna...

EUVD-2009-4397

Malware in sbrugna...

EUVD-2009-4854

Malware in sbrugna...

CVE-2025-52021

A SQL Injection vulnerability exists in the editproduct.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The productid GET parameter is unsafely passed to a SQL query without proper validation or parameterization...

CVE-2025-52021

A SQL Injection vulnerability exists in the editproduct.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The productid GET parameter is unsafely passed to a SQL query without proper validation or parameterization...

CVE-2025-10087

A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/profitreport.php. Such manipulation of the argument productid leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-51969

A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping System Advanced 1.0. This flaw is present in the productid GET parameter, which is not properly validated before being included in a SQL statement...

CVE-2021-4208

The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and escape the productid POST parameter before using it in a SQL statement, leading to a SQL injection vulnerability exploitable by high privilege users...

CVE-2024-9974

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=addtocard of the component POST Request Handler. The manipulation of the argument productid leads to s...

CVE-2023-27637

An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised productid GET parameter in order to exploit an insecure parameter in the front controller file designer.php, which could lead to a SQL...

Sql injection

An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised productid GET parameter in order to exploit an insecure parameter in the front controller file designer.php, which could lead to a SQL...

VulnCheck KEV: CVE-2023-27637

An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised productid GET parameter in order to exploit an insecure parameter in the front controller file designer.php, which could lead to a SQL...

CVE-2019-6707

PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state productid parameter...

Sql injection

PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state productid parameter...