Description
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument user_id causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
Problem types
Product status
Timeline
| 2026-07-03: | Advisory disclosed |
| 2026-07-03: | VulDB entry created |
| 2026-07-03: | VulDB entry last update |
Credits
wangfuyuan (VulDB User)
References
vuldb.com/vuln/376166 (VDB-376166 | SourceCodester Simple and Nice Shopping Cart Script mensproductdeletequery.php sql injection)
vuldb.com/vuln/376166/cti (VDB-376166 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/cve/CVE-2026-14653 (CVE-2026-14653 | CVE Analysis and Report)
vuldb.com/submit/846701 (Submit #846701 | SourceCodester Simple and Nice Shopping Cart Script in PHP with Source Code 1.0 SQL Injection)
github.com/Yuesswor/cve/issues/3
www.sourcecodester.com/