EUVD-2025-18730Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/confirm.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
AnalysisAI
CVE-2025-6317 is a critical SQL injection vulnerability in code-projects Online Shoe Store version 1.0, affecting the /admin/confirm.php file's ID parameter. An unauthenticated remote attacker can execute arbitrary SQL commands with low complexity, potentially leading to unauthorized data access, modification, or service disruption. Public exploit disclosure and active attack feasibility significantly elevate real-world risk despite the moderate CVSS score of 7.3.
Technical ContextAI
The vulnerability stems from CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component - 'Injection'), specifically manifesting as SQL injection in a PHP-based e-commerce application. The /admin/confirm.php file fails to properly sanitize or parameterize user-supplied input in the ID parameter before incorporating it into SQL queries. This is a classic improper input validation issue where user-controlled data (ID parameter) is directly concatenated into SQL statements without using prepared statements, parameterized queries, or proper escaping. The affected product is code-projects Online Shoe Store 1.0, a small-scale e-commerce platform vulnerable in its administrative interface. CPE notation would be: cpe:2.3:a:code-projects:online_shoe_store:1.0:*:*:*:*:*:*:*
RemediationAI
Immediate actions: (1) Implement input validation: whitelist ID parameter to accept only numeric values using regex or type casting (e.g., (int)$_GET['id']); (2) Use prepared statements with parameterized queries in all SQL operations—replace mysqli_query() or PDO execute() calls with prepared statement versions (mysqli_prepare() + bind_param() or PDO::prepare() + execute()); (3) Apply principle of least privilege to database user account executing queries (read-only for confirmation operations); (4) Disable direct web access to /admin/ directory if possible, or restrict via .htaccess (Deny from all) and authenticate via alternative mechanism; (5) Implement Web Application Firewall (WAF) rules to detect and block common SQL injection payloads (UNION-based, time-based blind, error-based); (6) Conduct full code audit of all user input handling in admin interface. Long-term: upgrade from Online Shoe Store 1.0 to a maintained e-commerce platform (Magento, WooCommerce, Prestashop) with security updates. No official vendor patch is available; contact code-projects development team for guidance.
More from same product – last 7 days
Authentication bypass in Discuz! X5.0 releases 20260320 through 20260501 allows unauthenticated remote attackers to acce
Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a
Unauthenticated PHP Object Injection in the Happyforms WordPress plugin (versions <= 1.26.13) allows remote attackers to
Unauthenticated PHP Object Injection in the Broadcast Live Video WordPress plugin (versions prior to 7.1.3) allows remot
Unauthenticated PHP object injection in the WordPress plugin 'Integration for Keap/Infusionsoft and Contact Form 7, WPFo
Share
External POC / Exploit Code
Leaving vuln.today