PT-2025-41706 · Jimit105 · Project-Online-Shopping-Website
Mahushuai
+1
·
Published
2025-10-12
·
Updated
2025-10-12
·
CVE-2025-11628
CVSS v2.0
5.8
Medium
| Vector | AV:N/AC:L/Au:M/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
jimit105 Project-Online-Shopping-Website versions up to 7d892f442bd8a96dd242dbe2b9bd5ed641e13e64
Description
A flaw exists in the Product Inventory Handler component of jimit105 Project-Online-Shopping-Website. The issue involves a SQL injection that occurs through manipulation of the
product code argument in the /delete.php file. This allows for remote exploitation. The exploit has been published. The product utilizes a rolling release model, and no specific version details for affected or updated releases are available.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Project-Online-Shopping-Website