CVE-2025-15407 | code-projects Online Guitar Store 1.0 Create_category.php dre_Ctitle sql injection

Inserito da Angelo Barbosa | Gen 1, 2026 | CVE

A vulnerability categorized as critical has been discovered in code-projects Online Guitar Store 1.0. This impacts an unknown function of the file /admin/Create_category.php. Such manipulation of the argument dre_Ctitle leads to sql injection.

This vulnerability is documented as CVE-2025-15407. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2025-15407 | code-projects Online Guitar Store 1.0 Create_category.php dre_Ctitle sql injection

Post correlati

CVE-2024-23191 | Open-Xchange OX App Suite up to 7.10.6-rev40 cross site scripting (adv-2024-0001)

CVE-2021-47698 | Nagios XI up to 5.8.6 Views URL cross site scripting

CVE-2025-15095 | postmanlabs httpbin up to 0.6.1 core.py cross site scripting (Issue 735)

CVE-2024-8131 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/apkg_mgr.cgi module_enable_disable f_module_name command injection (SAP10383)