Unrated severityNVD Advisory· Published Feb 14, 2025· Updated Feb 14, 2025
CVE-2025-26156
CVE-2025-26156
Description
A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online Shopping Portal v2.1, which allows remote attackers to execute arbitrary code via orderid POST request parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = v2.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.