CVE-2025-0199

MEDIUM Year: 2025
CVSS v3 Score
6.5
Medium
CVSS v2 Score
6.5
Medium
Weakness Type
CWE-74
View all →

Vulnerability Description

A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Affected is an unknown function of the file /user/minus_cart.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2015-10040

MEDIUM
CVSS:6.5(Medium)

A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Han...

CWE-742015

CVE-2016-0881

MEDIUM
CVSS:6.5(Medium)

EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository informatio...

CWE-742016

CVE-2016-10761

MEDIUM
CVSS:6.5(Medium)

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.

CWE-742016

CVE-2016-6473

MEDIUM
CVSS:6.5(Medium)

A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. More Information: CSCuu69332, CSCux...

CWE-742016

CVE-2017-8458

MEDIUM
CVSS:6.5(Medium)

Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://[email protected]/ is displayed without a clear UI indication that it is not a resource on the safe.example...

CWE-742017

CVE-2019-3498

MEDIUM
CVSS:6.5(Medium)

In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defau...

CWE-742019