CVE-2025-10802 code-projects Online Bidding System remove.php sql injection

A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-10802

The CVE affects code-projects Online Bidding System 1.0, specifically the file /administrator/remove.php. The vulnerability arises from manipulation of the ID parameter, enabling SQL injection in an unknown function and allowing remote initiation of an attack. Multiple connected sources confirm t...

Code-Projects LifeStyle Store 安全漏洞

Code-Projects LifeStyle Store is an open source store software from Code-Projects. A security vulnerability exists in Code-Projects LifeStyle Store version 1.0, which stems from the operation of the parameter ID in the file /cartremove.php that can lead to SQL injection...

CVE-2021-43158

In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cartremove.php allows a remote attacker to remove any product in the customer's cart...