3 matches found
CVE-2025-11480
CVE-2025-11480 affects SourceCodester Simple E-Commerce Bookstore 1.0. The vulnerable component is an unknown function in /register.php, where manipulating the register_username parameter yields SQL injection. The issue enables remote exploitation and the exploit is public. Multiple connected sou...
CVE-2025-11430
The CVE affects SourceCodester Simple E-Commerce Bookstore 1.0 and specifically the /cart.php file where manipulating the remove parameter enables SQL injection. The issue’s root cause is improper handling/validation of the remove argument, allowing remote attacker input that can influence databa...
CVE-2025-11476
The CVE-2025-11476 vulnerability affects SourceCodester Simple E-Commerce Bookstore 1.0, arising from improper handling of the login_username parameter in /index.php that enables SQL injection. The issue is remote and publicly exploitable according to connected sources. Affected software/componen...