ГлавнаяУязвимости → CVE-2025-11070
7.3высокая

CVE-2025-11070

Описание

A vulnerability was identified in Projectworlds Online Shopping System 1.0. This affects an unknown part of the file /store/cart_add.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

Затрагиваемое ПО
Projectworlds Online shopping system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/underatted/CVE/issues/5https://vuldb.com/?ctiid.326109https://vuldb.com/?id.326109https://vuldb.com/?submit.659660