Unrated severityNVD Advisory· Published Dec 23, 2025· Updated Dec 30, 2025
CVE-2025-65354
CVE-2025-65354
Description
Improper input handling in /Grocery/search_products_itname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitem_name POST parameter. Crafted payloads can alter query logic and disclose database contents. Exploitation may result in sensitive data disclosure and backend compromise.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 1.0
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.