EUVD-2025-21355 | CVE-2025-7608 HIGH

Published 2025-07-14, reporter: [email protected]
CVSS 3.1 base score: 7.3

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline (4 events)

Analysis Generated: Mar 16, 2026 - 09:43 (vuln.today)
EUVD ID Assigned: Mar 16, 2026 - 09:43 (euvd), EUVD-2025-21355
PoC Detected: Oct 23, 2025 - 20:06 (vuln.today), public exploit code
CVE Published: Jul 14, 2025 - 14:15 (nvd), HIGH 7.3

Description

A vulnerability, which was classified as critical, was found in code-projects Simple Shopping Cart 1.0. Affected is an unknown function of the file /userlogin.php. The manipulation of the argument user_email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-7608 is a critical SQL injection vulnerability in code-projects Simple Shopping Cart 1.0 affecting the /userlogin.php endpoint's user_email parameter, allowing unauthenticated remote attackers to execute arbitrary SQL queries and potentially extract, modify, or delete database contents. The vulnerability has been publicly disclosed with proof-of-concept exploit code available, and while the CVSS score is 7.3 (moderate-to-high severity), the low attack complexity and lack of authentication requirements make this a high-priority exploit target for threat actors.

Technical Context

The vulnerability stems from improper input validation/sanitization in the /userlogin.php script's handling of the user_email POST/GET parameter, classified under CWE-74 (Improper Neutralization of Special Elements in Output—a broad category that in this context reflects insufficient parameterized query usage or escaping of SQL metacharacters). The affected product is code-projects Simple Shopping Cart version 1.0, a PHP-based e-commerce application. The root cause is the failure to use prepared statements or properly escape user-supplied input before incorporating it into SQL queries, allowing an attacker to inject arbitrary SQL commands through the user_email field during the login process.

Affected Products

Product: code-projects Simple Shopping Cart (vendor: code-projects)
Versions: 1.0
Affected components: /userlogin.php (user_email parameter)
CPE: cpe:2.3:a:code-projects:simple_shopping_cart:1.0:*:*:*:*:*:*:*

Remediation

Patch (status: Unknown - No patch version identified in CVE data): Contact code-projects or check their official repository for security updates beyond version 1.0. If no patch exists, discontinue use of this unsupported software.

Mitigation - Input Validation: Implement strict input validation on the user_email parameter: whitelist alphanumeric characters, enforce email format validation using regex or native email validation libraries, and reject inputs containing SQL metacharacters (quotes, semicolons, comments).

Mitigation - Parameterized Queries: Refactor /userlogin.php to use prepared statements or parameterized queries (e.g., PDO prepared statements in PHP) instead of string concatenation for SQL queries. Example: Use $pdo->prepare('SELECT * FROM users WHERE email = ?') with parameter binding.

Mitigation - Database Hardening: Restrict database user permissions to least privilege: remove unnecessary GRANT/DROP/CREATE permissions from the application's database account. Use a dedicated read-only database user for login queries if possible.

Mitigation - WAF Rules: Deploy Web Application Firewall rules to detect and block SQL injection patterns in the user_email parameter (e.g., rules matching UNION, SELECT, OR '1'='1, comment sequences).

Replacement: Migrate to a maintained e-commerce platform (e.g., WooCommerce, Shopify, Magento) with active security patches and established vulnerability disclosure processes.
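The input-validation and parameterized-query mitigations above, as an added example that is not code from Simple Shopping Cart or from vuln.today: a login lookup that validates the e-mail format and binds it as a PDO parameter instead of concatenating it into the SQL text. The table and column names and the in-memory SQLite database are assumptions made so the snippet runs stand-alone.

```php
<?php
// Added example: hardened login lookup for a /userlogin.php-style handler.
// Assumptions: a table `users` with columns `id`, `email`, `password_hash`;
// SQLite is used only so this runs without a server. Not the project's code.

// The pattern the advisory describes, shown only for contrast with the fix:
//   $sql = "SELECT * FROM users WHERE email = '" . $_POST['user_email'] . "'";
// A quote inside user_email ends the string literal and changes the query.

function findUserByEmail(PDO $pdo, string $userEmail): ?array
{
    // Defence in depth: reject anything that is not a syntactically valid
    // e-mail before it reaches the database. The binding below is what
    // actually prevents injection; validation just narrows the input space.
    if (filter_var($userEmail, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // Prepared statement: the value travels separately from the SQL text, so
    // quotes, comment sequences or UNION inside $userEmail are plain data.
    $stmt = $pdo->prepare('SELECT id, email, password_hash FROM users WHERE email = ?');
    $stmt->execute([$userEmail]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

function verifyLogin(PDO $pdo, string $userEmail, string $password): bool
{
    $user = findUserByEmail($pdo, $userEmail);
    // password_verify compares in constant time; an unknown user yields false.
    return $user !== null && password_verify($password, $user['password_hash']);
}

// Constructed demo database with one account (not real data).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE, password_hash TEXT)');
$ins = $pdo->prepare('INSERT INTO users (email, password_hash) VALUES (?, ?)');
$ins->execute(['alice@example.com', password_hash('correct horse', PASSWORD_DEFAULT)]);

var_dump(verifyLogin($pdo, 'alice@example.com', 'correct horse'));
var_dump(verifyLogin($pdo, 'alice@example.com', 'wrong password'));
// The tautology string named in the WAF mitigation fails e-mail validation;
// even without that check it would be bound as a literal matching no row.
var_dump(verifyLogin($pdo, "' OR '1'='1", 'anything'));
```

Pair this with the database-hardening item above: the account used for this query only needs SELECT on `users`, so a compromised parameter cannot reach GRANT, DROP or CREATE.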

Priority Score

57 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.0
CVSS: +36
POC: +20

EUVD-2025-21355 vulnerability details – vuln.today