Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruser_email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Analysis (AI)
CVE-2025-7609 is a SQL injection vulnerability in code-projects Simple Shopping Cart 1.0, reachable through the ruser_email parameter of /register.php. The NVD CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) shows that an unauthenticated remote attacker can trigger it with no user interaction. Note that the "critical" label comes from the CVE description, while the vector itself rates the confidentiality, integrity and availability impact as Low (VC:L/VI:L/VA:L); the two ratings do not agree, and the vector is the more conservative one. In practice, SQL injection in a registration handler lets an attacker read or alter whatever rows the application's database account can reach, which normally includes the user table. Public exploit code is reported (E:P), so the flaw should be treated as exploitable today rather than theoretical.
Technical Context (AI)
The flaw is classed as injection (CWE-74, Improper Neutralization of Special Elements in Output Used by a Downstream Component), of which SQL injection, CWE-89, is the specific form. The description points to /register.php building a SQL query from the user-supplied ruser_email parameter without prepared statements or parameter binding, so quote characters in the submitted address change the structure of the query instead of being treated as data. The page does not say which query is affected ("unknown functionality"); registration handlers in this class of application typically look up the submitted address for duplicates and then insert the new account, and either statement is a candidate. Simple Shopping Cart 1.0 is a small PHP/MySQL e-commerce demo application from code-projects, typically run under Apache or Nginx with a MySQL/MariaDB backend. Such projects are published as learning material rather than maintained software, which bears on how realistic a vendor patch is.
Remediation (AI)
Immediate actions:
(1) Check the code-projects repository for a patched release. Version 1.0 is the only one named here and no fix is listed on this page, so assume none exists until the vendor confirms one.
(2) Replace string concatenation in /register.php with prepared statements and bound parameters (PDO or MySQLi), for the ruser_email value and for every other value that reaches SQL in the registration workflow. This is the actual fix; the remaining items are defense in depth.
(3) Validate the address with filter_var($email, FILTER_VALIDATE_EMAIL) before it is used. Validation narrows the input but is not a substitute for parameterization.
(4) Apply least privilege to the database account the application connects with: it needs SELECT and INSERT on the user table, not FILE, DROP, or access to other schemas. This bounds what a successful injection can reach.
(5) As a temporary layer, add a Web Application Firewall rule for SQL metacharacters in the ruser_email parameter. Treat it as a stopgap that buys time for (2), not as a fix.
Long-term: migrate to a maintained e-commerce platform with modern secure coding practices.
EUVD-2025-21354