CVE-2025-6307 – Code-projects Online Shoe Store SQL Injection Vulnerability

June 20, 2025

CVE ID : CVE-2025-6307

Published : June 20, 2025, 5:15 a.m. | 1 hour, 26 minutes ago

Description : A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/edit_customer.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6308 – PHPGurukul Emergency Ambulance Hiring Portal SQL Injection Vulnerability

Next Article CVE-2025-6306 – Code-projects Online Shoe Store SQL Injection Vulnerability

Highlights

CVE-2025-47287 – Tornado Multipart Form Data Denial of Service Vulnerability

May 15, 2025

CVE ID : CVE-2025-47287

Published : May 15, 2025, 10:15 p.m. | 2 hours, 42 minutes ago

Description : Tornado is a Python web framework and asynchronous networking library. When Tornado’s “multipart/form-data“ parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Automating Design Systems: Tips And Resources For Getting Started

OpenAI releases two open weight reasoning models

Accelerate tool adoption with a developer experimentation framework

UX Job Interview Helpers

Yes, you can edit video like a pro on Linux – here are my 4 go-to apps

I tried Perplexity’s new reservation feature, and it surprised me with new dining spots to try

Your Samsung TV is getting a huge feature upgrade – 3 AI tools launching right now

This multi-card reader is one of the best investments I’ve made for my creative workflow

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Record and Replay Requests With Laravel ChronoTrace

How to Write Media Queries in Optimizely Configured Commerce (Spire)

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Canon imageFORMULA R40 Driver for Windows 11, 10 (Download)

Microsoft to End Support for Visual Studio 2015 This October

CVE-2025-6307 – Code-projects Online Shoe Store SQL Injection Vulnerability

ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch

CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence

CVE-2025-43860 – OpenEMR Stored Cross-Site Scripting (XSS) Vulnerability

Xbox and Bethesda officially announce The Elder Scrolls 4: Oblivion Remastered, and it’s available in Xbox Game Pass today

CVE-2025-53689 – Apache Jackrabbit XXE Injection Vulnerability

CVE-2025-53602 – Zipkin Spring Boot Actuator Heapdump Information Disclosure

CVE-2025-47287 – Tornado Multipart Form Data Denial of Service Vulnerability

CVE-2025-51660 – SemCms SQL Injection

CVE-2025-4488 – iSourcecode Gym Management System SQL Injection Vulnerability

Microsoft Patch Tuesday July 2025

CVE-2025-6307 – Code-projects Online Shoe Store SQL Injection Vulnerability

Related Posts