Online Bidding System showprod.php File SQL Injection Vulnerability

Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /showprod.php. An attacker can exploit this vulnerability to execute...

CVE-2025-6472 code-projects Online Bidding System showprod.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Online Bidding System 1.0. Affected by this issue is some unknown functionality of the file /showprod.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploi...

CVE-2025-6472 code-projects Online Bidding System showprod.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Online Bidding System 1.0. Affected by this issue is some unknown functionality of the file /showprod.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploi...

CVE-2025-6472

CVE-2025-6472 affects code-projects Online Bidding System 1.0, specifically the file /showprod.php where the ID parameter is unsafely handled. The root cause is a SQL injection vulnerability that can be triggered by manipulating the ID argument, with remote attack potential. Multiple connected so...