CVE-2025-6304 | code-projects Online Shoe Store 1.0 /cart.php qty[] sql injection

Inserito da Angelo Barbosa | Giu 19, 2025 | CVE

A vulnerability was found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cart.php. The manipulation of the argument qty[] leads to sql injection.

This vulnerability is handled as CVE-2025-6304. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-6304 | code-projects Online Shoe Store 1.0 /cart.php qty[] sql injection

Post correlati

CVE-2023-52365 | Huawei HarmonyOS/EMUI Smart Activity Recognition Module out-of-bounds

CVE-2024-40503 | Tenda AX12 16.03.49.18_cn+ ICMP Packet denial of service

CVE-2024-54457 | FXC AE1021/AE1021PE up to 2.0.10 inclusion of undocumented features or chicken bits

CVE-2024-6785 | Moxa MXview One/MXview One Central Manger prior 1.3 Configuration File cleartext storage in a file or on disk