exploitDog

GHSA-xqj4-vchj-vm63

Опубликовано: 28 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions.

A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions.

Ссылки

EPSS

Процентиль: 9%

0.00032

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-51968

CVSS3: 6.5

nvd

5 месяцев назад

A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions.

EPSS

Процентиль: 9%

0.00032

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-89