6 matches found
CVE-2025-14834
CVE-2025-14834 affects code-projects Simple Stock System 1.0. The vulnerability resides in the /checkuser.php function, where manipulating the Username parameter can cause a SQL injection. Exploitation can be performed remotely, and publicly available exploit code has circulated. Several connecte...
CVE-2025-14959
The CVE-2025-14959 entry affects code-projects Simple Stock System 1.0. The vulnerability is in the signup flow, specifically in the handling of the Username argument in /market/signup.php, where manipulation can lead to SQL injection. Attacks are described as remotely executable, with proof-of-c...
CVE-2025-15011
CVE-2025-15011 affects Simple Stock System 1.0. The vulnerability resides in /logout.php where manipulating the uname parameter triggers a SQL injection. Multiple connected sources confirm remote exposure and that the exploit is public, enabling potential unauthorized access and data impact (CVE ...
CVE-2025-14962
CVE-2025-14962 affects Code-Projects Simple Stock System 1.0. The flaw resides in an unknown function in the file /market/chatuser.php, enabling cross-site scripting. Exploitation is possible remotely and an exploit has been published. Public records (NVD, Red Hat, CVE List, EUVD, CNNVD, VulnDB e...
CVE-2025-14968
CVE-2025-14968 affects Code-Projects Simple Stock System 1.0, specifically the /market/update.php file. The vulnerability arises from mishandling the email parameter, enabling SQL injection. The issue is exploitable remotely and an exploit has been publicly released. Multiple connected sources co...
CVE-2025-15243
CVE-2025-15243 affects Simple Stock System 1.0 via /market/login.php where manipulating the Username parameter enables SQL injection. Remote exploitation is possible and exploits have been published. Multiple sources describe the vulnerability and its potential impact on confidentiality, integrit...