EUVD-2025-18718

| CVE-2025-6304 HIGH
2025-06-20 [email protected]
7.3
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

4
Analysis Generated
Mar 15, 2026 - 00:19 vuln.today
EUVD ID Assigned
Mar 15, 2026 - 00:19 euvd
EUVD-2025-18718
PoC Detected
Jun 26, 2025 - 21:19 vuln.today
Public exploit code
CVE Published
Jun 20, 2025 - 04:15 nvd
HIGH 7.3

Tags

PHP SQLi Online Shoe Store

Description

A vulnerability was found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cart.php. The manipulation of the argument qty[] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-6304 is a critical SQL injection vulnerability in code-projects Online Shoe Store 1.0 affecting the /cart.php file's qty[] parameter, allowing unauthenticated remote attackers to execute arbitrary SQL queries and potentially extract, modify, or delete sensitive data. The vulnerability has been publicly disclosed with proof-of-concept exploits available, presenting immediate exploitation risk to unpatched instances of this e-commerce application.

Technical Context

The vulnerability exists in the cart.php file of the Online Shoe Store application, where user-supplied input from the qty[] (quantity array) parameter is improperly sanitized before being incorporated into SQL queries. This represents a classic CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component - 'Injection') vulnerability, specifically SQL injection. The lack of parameterized queries or input validation on array-based parameters allows attackers to inject malicious SQL syntax through the quantity field, potentially bypassing authentication and authorization controls. The affected product is code-projects Online Shoe Store version 1.0, a PHP-based e-commerce application that appears to use a traditional relational database backend without proper prepared statement implementation.

Affected Products

code-projects Online Shoe Store version 1.0. The specific affected component is /cart.php with vulnerable parameter: qty[]. CPE designation would be: cpe:2.3:a:code-projects:online_shoe_store:1.0:*:*:*:*:*:*:*. No patch version information is publicly available in standard vulnerability databases, indicating this appears to be abandonware or unmaintained software. Affected organizations operating this application without active vendor support should prioritize immediate remediation.

Remediation

Immediate actions: (1) Apply input validation to qty[] parameters—use whitelist approach accepting only numeric values, rejecting special characters; (2) Implement parameterized queries/prepared statements for all database interactions in cart.php, replacing string concatenation with bound parameters; (3) If patches are unavailable from vendor (code-projects appears to lack active support), implement Web Application Firewall (WAF) rules blocking SQL injection patterns in cart requests; (4) Disable or isolate the Online Shoe Store application if not actively maintained and migrate to a supported e-commerce platform (WooCommerce, Magento, Shopify, etc.); (5) Conduct immediate database audit for unauthorized access or data exfiltration via this vector; (6) Apply principle of least privilege to database user account used by cart.php (remove administrative rights). Long-term: Migrate away from unsupported code-projects application to a actively maintained e-commerce solution.

Priority Score

57
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +36
POC: +20

Share

EUVD-2025-18718 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy