3 matches found
CVE-2025-13451
Summary: CVE-2025-13451 affects SourceCodester Online Shop Project 1.0. The vulnerability is an SQL injection in an unknown function within the file /action.php, triggered by manipulation of the Search argument. The issue can be exploited remotely and the exploit appears to be publicly available....
CVE-2025-13450
CVE-2025-13450 affects SourceCodester Online Shop Project 1.0. A vulnerability in the file /shop/register.php, via manipulation of the f_name argument, enables cross-site scripting. The flaw can be triggered remotely, and the exploit has been publicly disclosed. Several feeds (NVD, Red Hat, CVE l...
CVE-2025-13449
The CVE-2025-13449 entry concerns code-projects Online Shop Project 1.0. The vulnerability arises from improper handling of the Password parameter in the login.php processing, resulting in a SQL injection risk. Multiple connected sources (Red Hat, NVD, CVE lists, vulnerability enrichment) confirm...