Description
A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This vulnerability affects unknown code of the file /admin/userproductdeletequery.php. Performing a manipulation of the argument user_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
Problem types
Product status
Timeline
| 2026-07-14: | Advisory disclosed |
| 2026-07-14: | VulDB entry created |
| 2026-07-14: | VulDB entry last update |
Credits
huajuan (VulDB User)
References
vuldb.com/vuln/378250 (VDB-378250 | SourceCodester Simple and Nice Shopping Cart Script userproductdeletequery.php sql injection)
vuldb.com/vuln/378250/cti (VDB-378250 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/cve/CVE-2026-15703 (CVE-2026-15703 | CVE Analysis and Report)
vuldb.com/submit/856152 (Submit #856152 | SourceCodester Simple and Nice Shopping Cart Script in PHP 1.0 SQL Injection)
github.com/Wut-sys/cve/issues/1
www.sourcecodester.com/