CVE-2025-6304 – Code-projects Online Shoe Store SQL Injection

June 20, 2025

CVE ID : CVE-2025-6304

Published : June 20, 2025, 4:15 a.m. | 2 hours, 26 minutes ago

Description : A vulnerability was found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cart.php. The manipulation of the argument qty[] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6305 – Code-projects Online Shoe Store SQL Injection Vulnerability

Next Article CVE-2025-6301 – PHPGurukul Notice Board System Cross-Site Scripting Vulnerability

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Dr. Axel’s JavaScript flashcards

Dr. Axel’s JavaScript flashcards

Syntax-Highlight – Custom Element For Syntax Highlighting Content

WelsonJS – Build a Windows app on the Windows built-in JavaScript engine

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

CVE-2025-6304 – Code-projects Online Shoe Store SQL Injection

CVE-2025-49763: Apache Traffic Server Vulnerability Enables Memory Exhaustion Attacks

IBM QRadar SIEM Exposed by Trio of Security Flaws, Including Critical Command Execution Bug

Ubisoft says you don’t own your video games, read the fine print

CVE-2025-5424 – Juzaweb CMS Remote File Access Control Vulnerability

How To Begin A WordPress Blog: A Step-By-Step Guide For Beginners

An Introduction to PAPSS – Pan African Payment and Settlement System

JavaScript Algorithms – great for interview prep and foundational learning

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2025-47419 – Crestron Automate VX Insecure Communication Vulnerability

AMD’s RTX 5060 Ti competitor is rumored to launch in a couple of months with 8GB and 16GB models

CVE-2025-6304 – Code-projects Online Shoe Store SQL Injection

Related Posts