CVE-2025-6305 – Code-projects Online Shoe Store SQL Injection Vulnerability

June 20, 2025

CVE ID : CVE-2025-6305

Published : June 20, 2025, 4:15 a.m. | 2 hours, 26 minutes ago

Description : A vulnerability was found in code-projects Online Shoe Store 1.0. It has been classified as critical. This affects an unknown part of the file /admin/admin_feature.php. The manipulation of the argument product_code leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6306 – Code-projects Online Shoe Store SQL Injection Vulnerability

Next Article CVE-2025-6304 – Code-projects Online Shoe Store SQL Injection

Highlights

CVE-2025-4420 – Vayu Blocks Stored Cross-Site Scripting (XSS) in WordPress

June 3, 2025

CVE ID : CVE-2025-4420

Published : June 3, 2025, 9:15 a.m. | 2 hours, 13 minutes ago

Description : The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘containerWidth’ parameter in all versions up to, and including, 1.3.1 due to a missing capability check on the vayu_blocks_option_panel_callback() function and insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-6305 – Code-projects Online Shoe Store SQL Injection Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-31261 – Apple macOS User Data Access Permissions Vulnerability

CVE-2025-5478 – Sony XAV-AX8500 Bluetooth SDP Protocol Integer Overflow Remote Code Execution Vulnerability

I decided to change which sites appear first in Google Search — and it works on Chrome, Edge, or Firefox

CVE-2025-52187 – Apache GetProjectsIdea School Management System XSS

CVE-2025-4420 – Vayu Blocks Stored Cross-Site Scripting (XSS) in WordPress

LifelongAgentBench: A Benchmark for Evaluating Continuous Learning in LLM-Based Agents

MR Reporting tips, insights, Pharma industry trends

CVE-2025-30170 – ASPECT File Path Disclosure Vulnerability

CVE-2025-6305 – Code-projects Online Shoe Store SQL Injection Vulnerability

Related Posts