Lucene search
K
FabianSimple Shopping Cart

6 matches found

CVE
CVE
added 2025/07/14 1:14 p.m.23 views

CVE-2025-7607

CVE-2025-7607 affects code-projects Simple Shopping Cart 1.0. The vulnerability is an SQL injection in the file /Customers/save_order.php caused by manipulation of the order_price (or order price) parameter, allowing remote exploitation. Public exploit details are indicated in sources, and multip...

9.8CVSS7.5AI score0.00399EPSS
Web
CVE
CVE
added 2025/07/14 1:32 p.m.21 views

CVE-2025-7608

CVE-2025-7608 affects code-projects Simple Shopping Cart 1.0. The vulnerability is in an unknown function of the file /userlogin.php , where manipulation of the parameter user_email leads to a SQL injection . It can be exploited remotely and the exploit has been disclosed publicly. Multiple sourc...

9.8CVSS7.6AI score0.00399EPSS
CVE
CVE
added 2025/07/14 1:44 p.m.21 views

CVE-2025-7609

CVE-2025-7609 affects Code-Projects Simple Shopping Cart 1.0. The vulnerability is a SQL injection in the /register.php endpoint caused by unsafely handling the ruser_email parameter. Exploitation can be performed remotely and, per connected sources, the exploit has been publicly disclosed. Multi...

9.8CVSS7.5AI score0.00399EPSS
CVE
CVE
added 2025/12/08 1:32 p.m.18 views

CVE-2025-14246

CVE-2025-14246 affects code-projects Simple Shopping Cart 1.0. The vulnerability is a SQL injection in /Customers/settings.php triggered by manipulating the user_id parameter. Remote exploitation is possible and the exploit has been publicly disclosed. Advisories (CNVD/CNNVD/Red Hat) confirm the ...

9.8CVSS6.7AI score0.00282EPSS
Web
CVE
CVE
added 2025/12/08 2:32 p.m.10 views

CVE-2025-14248

CVE-2025-14248 affects code-projects Simple Shopping Cart 1.0. The vulnerability is a SQL injection in adminlogin.php triggered by manipulating the admin_username parameter. The risk is remote and the exploit is publicly available. Multiple sources corroborate the issue and describe it as origina...

9.8CVSS7.2AI score0.00339EPSS
CVE
CVE
added 2025/12/08 2:2 p.m.9 views

CVE-2025-14247

Product/Component : Simple Shopping Cart 1.0 (code-projects). Vulnerability : SQL injection in /Admin/additems.php caused by unvalidated manipulation of the item_name parameter. This issue enables remote execution of SQL statements and can lead to data leakage or modification as described across ...

9.8CVSS6.8AI score0.00282EPSS
Web