Lucene search
+L

7 matches found

cnvd
cnvd
added 2025/10/15 12:0 a.m.5 views

E-Commerce Website user_index_search.php File SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /pages/userindexsearch.php. An attacker can exploit this vulnerability to...

9.8CVSS8.3AI score0.00441EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/10/10 9:27 p.m.6 views

CVE-2025-11558

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

9.8CVSS6.8AI score0.00441EPSS
Exploits1References1
euvd
euvd
added 2025/10/09 9:31 p.m.5 views

EUVD-2025-33554

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

7.5CVSS6.4AI score0.00441EPSS
Exploits1References6
nvd
nvd
added 2025/10/09 9:15 p.m.5 views

CVE-2025-11558

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

9.8CVSS0.00441EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/10/09 9:2 p.m.3 views

CVE-2025-11558 code-projects E-Commerce Website user_index_search.php sql injection

A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...

7.5CVSS6.7AI score0.00441EPSS
Exploits1References5
cve
cve
added 2025/10/09 9:2 p.m.15 views

CVE-2025-11558

CVE-2025-11558 affects code-projects E-Commerce Website 1.0, specifically the /pages/user_index_search.php file where the Search parameter can be manipulated to trigger SQL injection. Multiple connected sources (CNVD-2025-23975, RH:CVE-2025-11558, CNNVD-202510-1254, NVD/CVE-2025-11558, CVELIST) d...

9.8CVSS6.7AI score0.00441EPSS
Exploits1References5Affected Software1
cnnvd
cnnvd
added 2025/10/09 12:0 a.m.6 views

Code-Projects E-Commerce Website SQL注入漏洞

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /pages/userindexsearch.php. An attacker can exploit this vulnerability to...

9.8CVSS7.9AI score0.00441EPSS
Exploits1References6
Rows per page
Query Builder