Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php.
9.8CVSS
9.8AI Score
0.002EPSS
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart.
4.3CVSS
4.7AI Score
0.001EPSS