Online Shopping System Advanced Security Vulnerabilities and Issues — Online Shopping System Advanced CVE List

Lucene search

PuneethreddyhcOnline Shopping System Advanced

5 matches found

CVE•added 2025/07/29 3:15 p.m.•20 views

CVE-2025-51970

A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.

7.7CVSS8.1AI score0.00024EPSS

CVE•added 2025/08/28 2:15 p.m.•7 views

CVE-2025-51971

A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC Online Shopping System Advanced 1.0. Unsanitized user input in the f_name parameter is reflected in the server response without proper HTML encoding or output escaping. This allows remote attackers to inje...

5.4CVSS5.5AI score0.00041EPSS

CVE•added 2025/08/28 2:15 p.m.•6 views

CVE-2025-51968

A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions.

6.5CVSS7.6AI score0.00029EPSS

CVE•added 2025/08/28 2:15 p.m.•6 views

CVE-2025-51969

A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping System Advanced 1.0. This flaw is present in the product_id GET parameter, which is not properly validated before being included in a SQL statement.

6.5CVSS7.5AI score0.00029EPSS

CVE•added 2025/08/28 2:15 p.m.•5 views

CVE-2025-51972

A SQL Injection vulnerability exists in the login.php of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.

6.5CVSS7.7AI score0.00029EPSS