CVE-2025-51970 Information

Description

A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.

Reference

https://gist.github.com/im4x/10738ee219d69024387737fb14cdba9f

Related CNNVD

CNNVD-202508-407 (Published: 2025-08-06)