Simple Shopping Cart
Sign in to watchby Fabian
Source repositories
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-14248 | Hig | 0.47 | 7.3 | 0.00 | Dec 8, 2025 | A vulnerability was identified in code-projects Simple Shopping Cart 1.0. Impacted is an unknown function of the file /adminlogin.php. The manipulation of the argument admin_username leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | |
| CVE-2025-7609 | Hig | 0.47 | 7.3 | 0.00 | Jul 14, 2025 | A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruser_email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |
| CVE-2025-7608 | Hig | 0.47 | 7.3 | 0.00 | Jul 14, 2025 | A vulnerability, which was classified as critical, was found in code-projects Simple Shopping Cart 1.0. Affected is an unknown function of the file /userlogin.php. The manipulation of the argument user_email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |
| CVE-2025-7607 | Hig | 0.47 | 7.3 | 0.00 | Jul 14, 2025 | A vulnerability, which was classified as critical, has been found in code-projects Simple Shopping Cart 1.0. This issue affects some unknown processing of the file /Customers/save_order.php. The manipulation of the argument order_price leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |
| CVE-2025-14247 | Med | 0.41 | 6.3 | 0.00 | Dec 8, 2025 | A vulnerability was determined in code-projects Simple Shopping Cart 1.0. This issue affects some unknown processing of the file /Admin/additems.php. Executing manipulation of the argument item_name can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. | |
| CVE-2025-14246 | Med | 0.41 | 6.3 | 0.00 | Dec 8, 2025 | A vulnerability was found in code-projects Simple Shopping Cart 1.0. This vulnerability affects unknown code of the file /Customers/settings.php. Performing manipulation of the argument user_id results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used. |