Home

Description

SQL Injection vulnerability exists in Bhabishya-123 E-commerce 1.0, specifically within the signup.inc.php endpoint. The application directly incorporates unsanitized user inputs into SQL queries, allowing unauthenticated attackers to bypass authentication and gain full access.

PUBLISHED Reserved 2025-09-26 | Published 2025-10-20 | Updated 2025-10-20 | Assigner mitre

References

github.com/tansique-17/CVE-2025-61455

cve.org (CVE-2025-61455)

nvd.nist.gov (CVE-2025-61455)

Download JSON