Lucene search
+L

33 matches found

CNNVD
CNNVD
added 2025/08/28 12:0 a.m.5 views

PuneethReddyHc Online Shopping System Advanced 安全漏洞

PuneethReddyHc Online Shopping System Advanced is an open source online shopping system from the individual developers at Puneeth Reddy HC in India. A security vulnerability exists in PuneethReddyHc Online Shopping System Advanced version 1.0, which stems from the proId parameter not being cleare...

6.5CVSS7.7AI score0.00227EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/08/28 12:0 a.m.12 views

CVE-2025-51968

A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions...

0.00227EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/28 12:0 a.m.5 views

CVE-2025-51968

A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions...

7.5AI score0.00227EPSS
Exploits1References1
CNVD
CNVD
added 2025/07/18 12:0 a.m.3 views

Modern Bag action.php file SQL injection vulnerability

Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter proId in file /action.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL comman...

9.8CVSS8.3AI score0.00399EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/12 12:0 a.m.6 views

Code-Projects Modern Bag 注入漏洞

Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter proId in file /action.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL comman...

9.8CVSS8.2AI score0.00399EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/06/22 12:0 a.m.5 views

Code-Projects Online Shopping Store 安全漏洞

Code-Projects Online Shopping Store is a Code-Projects open source online store. A security vulnerability exists in Code-Projects Online Shopping Store version 1.0, which originates from SQL injection due to incorrect manipulation of the parameters catid/brandid/keyword/proId/pid in file/action.p...

7.2CVSS5.6AI score0.00466EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:1 a.m.7 views

CVE-2023-1736

A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this issue is some unknown functionality of the file cart/controller.php?action=add. The manipulation of the argument PROID leads to sql injection. The identifi...

8.8CVSS8.2AI score0.00439EPSS
Exploits0References1
OSV
OSV
added 2023/03/30 8:15 p.m.4 views

CVE-2023-1736

A vulnerability, which was classified as critical, has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected by this issue is some unknown functionality of the file cart/controller.php?action=add. The manipulation of the argument PROID leads to sql injection. The identifi...

8.8CVSS6.2AI score0.00439EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/30 12:0 a.m.4 views

Young Entrepreneur E-Negosyo System SQL注入漏洞

Young Entrepreneur E-Negosyo System is a Young Entrepreneur E-Negosyo System for janobe individual developers. A security vulnerability exists in SourceCodester Young Entrepreneur E-Negosyo System version 1.0, which stems from an incorrect manipulation of the parameter PROID resulting in sql...

8.8CVSS6.4AI score0.00439EPSS
Exploits0References4
0day.today
0day.today
added 2021/11/22 12:0 a.m.400 views

PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection Vulnerability

PuneethReddyHC Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability. CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection...

7.5CVSS8.2AI score0.10013EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/11/20 12:0 a.m.379 views

PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection

CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection attacks. The proId parameter on the /action.php page does not sanitize the user input, an attacker can extract...

5CVSS7.5AI score0.10013EPSS
Exploits4
GithubExploit
GithubExploit
added 2021/09/30 6:16 a.m.219 views

Exploit for SQL Injection in Online-Shopping-System-Advanced_Project Online-Shopping-System-Advanced

CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shoppin...

7.5CVSS8AI score0.10013EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2021/09/06 12:0 a.m.7 views

PT-2021-15923 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress plugin versions through 3.7.2 Description: The issue arises from the proid GET parameter not being properly sanitized, escaped, or validated before being inserted into a SQL statement. This leads to SQL injection. Recommendations: F...

7.2CVSS7.2AI score0.01547EPSS
Exploits2References5
Rows per page
Query Builder