CVE-2025-0199 | code-projects Point of Sales and Inventory Management System 1.0 /user/minus_cart.php id sql injection

Inserito da Angelo Barbosa | Gen 3, 2025 | CVE

A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Affected is an unknown function of the file /user/minus_cart.php. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2025-0199. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-0199 | code-projects Point of Sales and Inventory Management System 1.0 /user/minus_cart.php id sql injection

Post correlati

CVE-2024-10704 | 10Web Photo Gallery Plugin up to 1.8.30 on WordPress Setting cross site scripting

CVE-2024-47416 | Adobe Animate up to 23.0.7/24.0.4 integer overflow (apsb24-76)

CVE-2023-40287 | Supermicro X11SSM-F/X11SAE-F/X11SSE-F 1.66 cross site scripting

CVE-2024-33271 | FME Modules eventsmanager Module up to 4.3.x on PrestaShop ps_customer information disclosure