ГлавнаяУязвимости → CVE-2025-52021
9.8критическая

CVE-2025-52021

Описание

A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The product_id GET parameter is unsafely passed to a SQL query without proper validation or parameterization.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://gist.github.com/hafizgemilang/c953d16c1459458667132e93359f3d6c