EUVD-2025-28716

| CVE-2025-6315 HIGH
2025-06-20 [email protected]
7.3
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

4
Analysis Generated
Mar 15, 2026 - 00:19 vuln.today
EUVD ID Assigned
Mar 15, 2026 - 00:19 euvd
EUVD-2025-28716
PoC Detected
Jun 26, 2025 - 21:10 vuln.today
Public exploit code
CVE Published
Jun 20, 2025 - 07:15 nvd
HIGH 7.3

Tags

PHP SQLi Online Shoe Store

Description

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cart2.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-6315 is a critical SQL injection vulnerability in code-projects Online Shoe Store version 1.0, affecting the /cart2.php endpoint via an unsanitized ID parameter. An unauthenticated remote attacker can exploit this over the network with low complexity to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or denial of service. A public proof-of-concept has been disclosed and the vulnerability may be actively exploited.

Technical Context

This vulnerability stems from CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component), which manifests as SQL injection in the /cart2.php file. The Online Shoe Store application fails to properly sanitize or parameterize the ID parameter before incorporating it into SQL queries. This is a classic web application vulnerability where user-controlled input reaches SQL execution contexts without adequate escaping, prepared statements, or input validation. The affected product is code-projects Online Shoe Store 1.0, likely built with PHP (inferred from .php file extension) without modern ORM frameworks or parameterized query patterns.

Affected Products

code-projects Online Shoe Store version 1.0. No CPE string was provided in the source data, but the affected component is specifically the /cart2.php file parameter 'ID'. The vulnerability applies to all instances of version 1.0 running in standard configurations. No information indicates whether patched versions exist or if other versions are affected. The vendor (code-projects) should be contacted for patch status and supported upgrade paths.

Remediation

Immediate actions: (1) Apply input validation to the ID parameter—enforce expected data type (integer if numeric) and whitelist acceptable values; (2) Implement parameterized queries or prepared statements using PHP's mysqli or PDO with bound parameters to prevent SQL injection regardless of input; (3) Apply principle of least privilege to database credentials used by cart2.php; (4) Enable SQL error suppression in production to prevent information leakage. Medium-term: Update to a patched version of Online Shoe Store once available from code-projects. Implement Web Application Firewall (WAF) rules to detect and block SQL injection patterns in the ID parameter. Conduct a full security audit of other PHP files for similar injection vulnerabilities. Legacy mitigation (if upgrade unavailable): Use database-level restrictions and consider isolating the application or requiring VPN access.

Priority Score

57
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +36
POC: +20

Share

EUVD-2025-28716 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy