CVE-2025-11431

A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument shopid causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-11431

A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument shopid causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-11431

A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument shopid causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-11431 code-projects Web-Based Inventory and POS System transaction.php sql injection

A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument shopid causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-11431

Code-Projects Web-Based Inventory and POS System 1.0 contains an SQL injection in the /transaction.php file, triggered by manipulating the shopid parameter in an unknown function. Remote exploitation is possible, and public disclosure of the exploit is noted in multiple sources. Affected componen...

PT-2025-41222

Name of the Vulnerable Software and Affected Versions code-projects Web-Based Inventory and POS System version 1.0 Description A flaw exists in code-projects Web-Based Inventory and POS System. The issue is related to SQL injection, triggered by manipulating the shopid argument in a file named...

CVE-2025-1544

A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulation of the argument shopId leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

PT-2025-4754 · Unknown · Dingfanzu Cms

Name of the Vulnerable Software and Affected Versions: dingfanzuCMS version 1.0 Description: The issue allows a local attacker to execute arbitrary code due to incorrect filtering of content at the checkOrder.php shopId module. This enables the attacker to perform SQL injection attacks...

SQL Injection Vulnerability in YunGouCMS shopid

YunGouCMS is a website builder provided by Taurus Networks for the cloud purchasing model. YunGouCMS suffers from a SQL injection vulnerability. The lack of filtering of user input in the shopid parameter allows an attacker to exploit the vulnerability to obtain sensitive database information...

Sql injection

SQL injection vulnerability in shop.php in UCenter Home 2.0 allows remote attackers to execute arbitrary SQL commands via the shopid parameter in a view action...