CVE-2025-52021 | THREATINT

Description

A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The product_id GET parameter is unsafely passed to a SQL query without proper validation or parameterization.

PUBLISHED Reserved 2025-06-16 | Published 2025-10-07 | Updated 2025-10-08 | Assigner mitre

References

gist.github.com/...gemilang/c953d16c1459458667132e93359f3d6c

cve.org (CVE-2025-52021)

nvd.nist.gov (CVE-2025-52021)

Download JSON