CVE-2025-61096
- EPSS 0.03%
- Veröffentlicht 02.10.2025 15:15:58
- Zuletzt bearbeitet 07.10.2025 18:14:45
PHPGurukul Online Shopping Portal Project v2.1 is vulnerable to SQL Injection in /shopping/login.php via the fullname parameter.
CVE-2025-9013
- EPSS 0.03%
- Veröffentlicht 15.08.2025 06:15:28
- Zuletzt bearbeitet 21.08.2025 13:56:47
A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.0. This vulnerability affects unknown code of the file /shopping/password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be i...
CVE-2025-9012
- EPSS 0.03%
- Veröffentlicht 15.08.2025 05:32:07
- Zuletzt bearbeitet 21.08.2025 14:19:00
A vulnerability was identified in PHPGurukul Online Shopping Portal Project 2.0. This affects an unknown part of the file shopping/bill-ship-addresses.php. The manipulation of the argument billingpincode leads to sql injection. It is possible to init...
CVE-2025-9011
- EPSS 0.03%
- Veröffentlicht 15.08.2025 05:15:30
- Zuletzt bearbeitet 21.08.2025 14:22:51
A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be...
CVE-2025-5367
- EPSS 0.09%
- Veröffentlicht 31.05.2025 01:31:05
- Zuletzt bearbeitet 03.06.2025 15:33:39
A vulnerability was found in PHPGurukul Online Shopping Portal Project 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument Product leads to sql injection. The atta...
CVE-2025-26156
- EPSS 0.69%
- Veröffentlicht 14.02.2025 17:15:22
- Zuletzt bearbeitet 02.04.2025 18:49:33
A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online Shopping Portal v2.1, which allows remote attackers to execute arbitrary code via orderid POST request parameter.