CVE-2025-51970 | THREATINT

Description

A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.

PUBLISHED Reserved 2025-06-16 | Published 2025-07-29 | Updated 2025-08-28 | Assigner mitre

References

gist.github.com/im4x/10738ee219d69024387737fb14cdba9f

github.com/...lnerability in Online Shopping System Advanced

cve.org (CVE-2025-51970)

nvd.nist.gov (CVE-2025-51970)

Download JSON