PT-2025-35430 · Hkritesh009 · Grocery List Management Web App

0Xsebin

Published

2025-08-31

Updated

2025-09-01

CVE-2025-9749

Report an issue

CVSS v2.0

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions:

HKritesh009 Grocery List Management Web App (affected versions not specified)

Description:

A SQL injection issue exists in the `/src/update.php` file. Manipulation of the `ID` argument can trigger the issue, allowing for remote exploitation. The exploit is publicly available.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Special Elements Injection

SQL injection

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2025-9749

Affected Products

Grocery List Management Web App

PT-2025-35430 · Hkritesh009 · Grocery List Management Web App

Weakness Enumeration

Related Identifiers

Affected Products

References · 10