CVE-2025-0176 Information

Description

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/add_cart.php. The manipulation of the argument id/qty leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Reference

https://code-projects.org/ https://gist.github.com/Masamuneee/9c539b89dad40033a5037b744e394ae0 https://gist.github.com/Masamuneee/9c539b89dad40033a5037b744e394ae0 https://vuldb.com/?ctiid.290105 https://vuldb.com/?id.290105 https://vuldb.com/?submit.473347