CVE-2025-4312

Name of the Vulnerable Software and Affected Versions SourceCodester Advanced Web Store version 1.0

Description A critical issue has been found in the processing of the file /productdetail.php. The manipulation of the prodid argument leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations For SourceCodester Advanced Web Store version 1.0, consider disabling the /productdetail.php file or restricting access to it until a patch is available. Avoid using the prodid argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.