laosijivul/cve

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-13412 ↗	Nov 19, 2025Wednesday, 19 November 2025, 21:15	2.4 LOW	3.3 LOW
A vulnerability was determined in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. Executing a manipulation of the argument product_name can lead to cross site scripting. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
CVE-2025-13410 ↗	Nov 19, 2025Wednesday, 19 November 2025, 21:15	7.3 HIGH	7.5 HIGH
A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-13411 ↗	Nov 19, 2025Wednesday, 19 November 2025, 21:15	4.7 MEDIUM	5.8 MEDIUM
A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_football.php. Performing a manipulation of the argument product_image results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been made public and could be used.