3 matches found
CVE-2025-2036
CVE-2025-2036 affects the s-a-zhd Ecommerce-Website-using-PHP 1.0. The vulnerability is an SQL injection in the details.php file via the pro_id parameter, which can be triggered remotely. The exploitation method is disclosed publicly in the linked records, and multiple sources classify the impact...
CVE-2025-2035
CVE-2025-2035 affects s-a-zhd Ecommerce-Website-using-PHP 1.0. The vulnerability is in /customer_register.php where manipulation of the argument name enables unrestricted upload. The issue can be exploited remotely, and the exploit has been disclosed publicly. No remediation details are provided ...
CVE-2025-2041
CVE-2025-2041 affects the web app “s-a-zhd Ecommerce-Website-using-PHP 1.0.” The vulnerability is a SQL injection in the file /shop.php triggered by manipulating the parameter p_cat . It is described as remotely exploitable and the exploit has been disclosed publicly. Connected sources (NVD, Red ...