Lucene search
K
CarmeloSimple Stock System

6 matches found

CVE
CVE
added 2025/12/17 11:2 p.m.13 views

CVE-2025-14834

CVE-2025-14834 affects code-projects Simple Stock System 1.0. The vulnerability resides in the /checkuser.php function, where manipulating the Username parameter can cause a SQL injection. Exploitation can be performed remotely, and publicly available exploit code has circulated. Several connecte...

8.8CVSS6.4AI score0.00295EPSS
CVE
CVE
added 2025/12/19 6:2 p.m.13 views

CVE-2025-14959

The CVE-2025-14959 entry affects code-projects Simple Stock System 1.0. The vulnerability is in the signup flow, specifically in the handling of the Username argument in /market/signup.php, where manipulation can lead to SQL injection. Attacks are described as remotely executable, with proof-of-c...

9.8CVSS7.2AI score0.00323EPSS
Web
CVE
CVE
added 2025/12/22 3:32 a.m.13 views

CVE-2025-15011

CVE-2025-15011 affects Simple Stock System 1.0. The vulnerability resides in /logout.php where manipulating the uname parameter triggers a SQL injection. Multiple connected sources confirm remote exposure and that the exploit is public, enabling potential unauthorized access and data impact (CVE ...

9.8CVSS7.2AI score0.00322EPSS
CVE
CVE
added 2025/12/19 6:32 p.m.12 views

CVE-2025-14962

CVE-2025-14962 affects Code-Projects Simple Stock System 1.0. The flaw resides in an unknown function in the file /market/chatuser.php, enabling cross-site scripting. Exploitation is possible remotely and an exploit has been published. Public records (NVD, Red Hat, CVE List, EUVD, CNNVD, VulnDB e...

6.1CVSS5.3AI score0.00269EPSS
CVE
CVE
added 2025/12/19 8:2 p.m.11 views

CVE-2025-14968

CVE-2025-14968 affects Code-Projects Simple Stock System 1.0, specifically the /market/update.php file. The vulnerability arises from mishandling the email parameter, enabling SQL injection. The issue is exploitable remotely and an exploit has been publicly released. Multiple connected sources co...

9.8CVSS7.2AI score0.00333EPSS
Web
CVE
CVE
added 2025/12/30 10:2 a.m.10 views

CVE-2025-15243

CVE-2025-15243 affects Simple Stock System 1.0 via /market/login.php where manipulating the Username parameter enables SQL injection. Remote exploitation is possible and exploits have been published. Multiple sources describe the vulnerability and its potential impact on confidentiality, integrit...

9.8CVSS7.2AI score0.00412EPSS
Web