CVE-2025-3555

CVE-2025-3555 affects ScriptAndTools eCommerce-website-in-PHP 3.0. The vulnerability resides in an unknown function in the file /login.php and leads to improper restriction of excessive authentication attempts. The issue is exploitable remotely with high attack complexity, and the exploit has bee...

CVE-2025-3557

ScriptAndTools eCommerce-website-in-PHP 3.0 is affected by a cross-site request forgery (CSRF) vulnerability impacting unknown functionality. The issue can be triggered remotely and multiple endpoints are affected. Public exploit information is noted, and the vendor has not responded to disclosur...

CVE-2025-3556

CVE-2025-3556 affects ScriptAndTools eCommerce-website-in-PHP 3.0. The vulnerability resides in an unknown functionality of /admin/login.php, where improper restriction of excessive authentication attempts can be exploited remotely. Documents consistently describe high attack complexity and high ...

CVE-2025-3975

Consolidated note: ScriptAndTools eCommerce-website-in-PHP version 3.0 contains a vulnerability in the admin/subscriber-csv.php processing. The issue allows information disclosure and can be exploited remotely (network vector). The PT-2025-18002 entry provides these concrete details; other connec...