exploitDog

CVE-2025-51970

Опубликовано: 29 июл. 2025

Источник: nvd

CVSS3: 7.7

EPSS Низкий

Описание

A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.

Ссылки

https://gist.github.com/im4x/10738ee219d69024387737fb14cdba9f
Exploit
Third Party Advisory
https://github.com/jairajparyani/CVE-s/blob/main/CVE-2025-51970%20%E2%80%93%20SQL%20Injection%20Vulnerability%20in%20Online%20Shopping%20System%20Advanced
Exploit
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:puneethreddyhc:online_shopping_system_advanced:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00022

Низкий

7.7 High

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-j4qh-gv6q-2rj5

CVSS3: 7.7

github

6 месяцев назад

A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.

EPSS

Процентиль: 5%

0.00022

Низкий

7.7 High

CVSS3

Дефекты

CWE-89