Unknown · Puneethreddyhc Online-Shopping-System-Advanced · CVE-2025-51970
**Name of the Vulnerable Software and Affected Versions**
PuneethReddyHC Online Shopping System Advanced version 1.0
**Description**
A SQL Injection issue exists due to improper sanitization of user-supplied input in the `keyword` POST parameter of the `/action.php` API endpoint.
**Recommendations**
Apply input sanitization to the `keyword` parameter in the `/action.php` endpoint.