CVE-2025-0208

The CVE-2025-0208 entry affects code-projects Online Shoe Store 1.0, specifically the /summary.php page where the tid parameter enables SQL injection. The vulnerability is exploitable remotely, and multiple connected sources confirm the issue and its public disclosure. The root cause is lack of i...

CVE-2025-0205

CVE-2025-0205 affects code-projects Online Shoe Store 1.0. The vulnerability is a SQL injection in the /details2.php file, exploitable via manipulation of the id parameter. It is a network-based issue with remote exploitability and has been disclosed publicly. Root cause is lack of input validati...

CVE-2025-0206

CVE-2025-0206 affects code-projects Online Shoe Store v1.0. Affected component: /admin/index.php with improper access controls. Root cause: access-control manipulation enabling unauthorized access; attack surface is remote. Exploit has been disclosed publicly per initial description. Exploitation...

CVE-2025-0204

CVE-2025-0204 affects code-projects Online Shoe Store 1.0. The vulnerability is a SQL injection in the /details.php page caused by unsafely handling the id parameter, with remote exploitation and public disclosure. Several sources confirm the issue and severity. The PT-2025-3777 advisory addition...

CVE-2025-0207

CVE-2025-0207 : In code-projects Online Shoe Store 1.0, the vulnerability is a SQL injection in the file /function/login.php triggered by manipulating the password parameter. The issue is remote-exploitable and has publicly disclosed exploits. Multiple sources (NVD, CVE listings, CNVD, Red Hat ad...

CVE-2025-6305

CVE-2025-6305 affects code-projects Online Shoe Store 1.0. The vulnerability is an SQL injection in the admin feature file /admin/admin_feature.php, triggered by manipulating the product_code parameter. Root cause: lack of input validation in that parameter. Exploitation potential: remote and pub...

CVE-2025-6315

CVE-2025-6315 impacts code-projects Online Shoe Store 1.0. The vulnerability is in the /cart2.php file where the ID parameter is unsafely used, allowing SQL injection that can be triggered remotely. Multiple connected sources corroborate a SQL-injection issue originating from the ID argument, wit...

CVE-2025-6303

The CVE-2025-6303 entry concerns code-projects Online Shoe Store 1.0, where the file /contactus1.php handles user-submitted data. The root cause is lack of validation of the Message parameter, resulting in a SQL injection vulnerability. This can affect the application remotely and is described as...

CVE-2025-6304

The CVE-2025-6304 entry concerns code-projects Online Shoe Store 1.0, where the file /cart.php contains a vulnerable parameter qty[] that enables SQL injection. Multiple connected sources (CNVD/CNNVD/NVD etc.) confirm this SQL injection vector can be exploited remotely and that the exploit has be...

CVE-2025-6354

CVE-2025-6354 affects code-projects Online Shoe Store 1.0. The vulnerability is a SQL injection in the /function/customer_signup.php file, triggered by manipulating the email parameter due to lack of input validation. Multiple connected sources corroborate remote exploitation potential and public...

CVE-2025-6307

CVE-2025-6307 affects code-projects Online Shoe Store 1.0. Multiple sources describe a SQL injection in the edit_customer.php flow triggered by the firstname parameter, with remote feasibility and public disclosure. CNVD/CNNVD detail the vulnerability from lack of input validation in /function/ed...

CVE-2025-6316

The CVE-2025-6316 entry pertains to code-projects Online Shoe Store 1.0, where the admin_running.php file processes the qty argument. The vulnerability is a SQL injection in an unknown functionality of /admin/admin_running.php, exploitable remotely, with disclosure of exploits in public sources. ...

CVE-2025-6344

The CVE-2025-6344 entry concerns code-projects Online Shoe Store 1.0. Affected component: the file /contactus.php, where manipulating the email parameter enables SQL injection. This vulnerability can be exploited remotely, and multiple sources note that exploitation has been disclosed publicly. P...

CVE-2025-6343

The CVE-2025-6343 entry refers to code-projects Online Shoe Store 1.0, with a SQL injection in the admin path. Affected is an unknown function in /admin/admin_product.php where manipulating the pid parameter enables remote SQL injection and potential unauthorized database access. Public exploits ...

CVE-2025-6317

The CVE-2025-6317 issue affects code-projects Online Shoe Store 1.0, specifically the /admin/confirm.php file. The root cause is improper validation/manipulation of the ID parameter, enabling SQL injection that can be triggered remotely. Multiple connected sources describe this vulnerability and ...

CVE-2025-6306

The CVE-2025-6306 vulnerability affects code-projects Online Shoe Store 1.0, specifically the admin_index.php file. The issue arises from unsafely handled input in the Username parameter, enabling SQL injection through the web interface. Evidence from multiple connected sources indicates remote e...

CVE-2025-6342

CVE-2025-6342 affects code-projects Online Shoe Store 1.0. The vulnerability is a SQL injection in /admin/admin_football.php where the pid parameter is not properly validated, allowing remote exploitation and potential data disclosure. Several sources note the exploit has been disclosed publicly....