CVE-2025-11597 – code-projects E-Commerce Website product_add_qty.php sql injection

CVE ID : CVE-2025-11597

Published : Oct. 11, 2025, 11:15 a.m. | 1 hour, 23 minutes ago

Description : A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The manipulation of the argument prod_id leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…