2 matches found
CVE-2025-11424
CVE-2025-11424 affects code-projects Web-Based Inventory and POS System 1.0. The vulnerability lies in the login.php module, where manipulating the emailid parameter enables SQL injection. Exploitation can be performed remotely, and public disclosures exist. Affected component: login.php in Web-B...
CVE-2025-11431
Code-Projects Web-Based Inventory and POS System 1.0 contains an SQL injection in the /transaction.php file, triggered by manipulating the shopid parameter in an unknown function. Remote exploitation is possible, and public disclosure of the exploit is noted in multiple sources. Affected componen...