9 matches found
EUVD-2025-24652
Malicious code in bioql PyPI...
CVE-2025-8936 1000 Projects Sales Management System dordupdate.php sql injection
A vulnerability was determined in 1000 Projects Sales Management System 1.0. Affected by this issue is some unknown functionality of the file /superstore/dist/dordupdate.php. The manipulation of the argument select2 leads to SQL injection. The attack may be launched remotely. The exploit has been...
CVE-2025-8935
CVE-2025-8935 affects the open-source product “1000 Projects Sales Management System” version 1.0. The vulnerability exists in an unknown functionality of the file /superstore/custcmp.php, where manipulating the Username parameter triggers a SQL injection. The impact is remote exploitation with ...
CVE-2025-8933 1000 Projects Sales Management System sales.php cross site scripting
A vulnerability was identified in 1000 Projects Sales Management System 1.0. This issue affects some unknown processing of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to cross-site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2025-8933 1000 Projects Sales Management System sales.php cross site scripting
A vulnerability was identified in 1000 Projects Sales Management System 1.0. This issue affects some unknown processing of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to cross-site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2025-8932
A vulnerability was determined in 1000 Projects Sales Management System 1.0. This vulnerability affects unknown code of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2025-8932 1000 Projects Sales Management System sales.php sql injection
A vulnerability was determined in 1000 Projects Sales Management System 1.0. This vulnerability affects unknown code of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to...
choicefurnituresuperstore.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-579600

Description| Value
---|---
Affected Website:| choicefurnituresuperstore.co.uk
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
fitness-superstore.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-232132

Description| Value
---|---
Affected Website:| fitness-superstore.co.uk
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...