This page lists publicly disclosed CVE vulnerabilities affecting oretnom23 online_shop_project (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-13451 | A vulnerability was identified in SourceCodester Online Shop Project 1.0. The affected element is an unknown function of the file /action.php. Such manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | [email protected] | 5.5 | 0.35% | 2025-11-20 | 2026-06-17 |
| CVE-2025-13450 | A vulnerability was determined in SourceCodester Online Shop Project 1.0. Impacted is an unknown function of the file /shop/register.php. This manipulation of the argument f_name causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | [email protected] | 2.0 | 0.20% | 2025-11-20 | 2026-06-17 |
| CVE-2025-13449 | A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument Password results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used. | [email protected] | 5.5 | 0.35% | 2025-11-20 | 2026-06-17 |