6 matches found
CVE-2025-7607
CVE-2025-7607 affects code-projects Simple Shopping Cart 1.0. The vulnerability is an SQL injection in the file /Customers/save_order.php caused by manipulation of the order_price (or order price) parameter, allowing remote exploitation. Public exploit details are indicated in sources, and multip...
CVE-2025-7608
CVE-2025-7608 affects code-projects Simple Shopping Cart 1.0. The vulnerability is in an unknown function of the file /userlogin.php , where manipulation of the parameter user_email leads to a SQL injection . It can be exploited remotely and the exploit has been disclosed publicly. Multiple sourc...
CVE-2025-7609
CVE-2025-7609 affects Code-Projects Simple Shopping Cart 1.0. The vulnerability is a SQL injection in the /register.php endpoint caused by unsafely handling the ruser_email parameter. Exploitation can be performed remotely and, per connected sources, the exploit has been publicly disclosed. Multi...
CVE-2025-14246
CVE-2025-14246 affects code-projects Simple Shopping Cart 1.0. The vulnerability is a SQL injection in /Customers/settings.php triggered by manipulating the user_id parameter. Remote exploitation is possible and the exploit has been publicly disclosed. Advisories (CNVD/CNNVD/Red Hat) confirm the ...
CVE-2025-14248
CVE-2025-14248 affects code-projects Simple Shopping Cart 1.0. The vulnerability is a SQL injection in adminlogin.php triggered by manipulating the admin_username parameter. The risk is remote and the exploit is publicly available. Multiple sources corroborate the issue and describe it as origina...
CVE-2025-14247
Product/Component : Simple Shopping Cart 1.0 (code-projects). Vulnerability : SQL injection in /Admin/additems.php caused by unvalidated manipulation of the item_name parameter. This issue enables remote execution of SQL statements and can lead to data leakage or modification as described across ...