CVE-2025-12215

Published
View on NVD ↗
CVSS v3
7.3
HIGH
CVSS v2
7.5
HIGH
Affected
1
PROJECT

Description

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.

juzidddd/SQL-Injection-Vulnerability-in-Projectworlds-PHP-Online-Shopping-System
juzidddd/SQL-Injection-Vulnerability-in-Projectworlds-PHP-Online-Shopping-System
Public disclosure of SQL injection vulnerability in Projectworlds Online Shopping System V1.0
GitHubGitHub