Submit #731128: code-projects Online Product Reservation System V1.0 SQL Injectioninfo

Titel	code-projects Online Product Reservation System V1.0 SQL Injection
Beschreibung	A critical SQL injection vulnerability exists in the shopping cart delete functionality. The application directly concatenates POST parameter into SQL DELETE query without validation, allowing attackers to extract database data and manipulate cart contents.
Quelle	⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_checkout_delete.php.md
Benutzer	Ho Cherry (UID 94105)
Einreichung	03.01.2026 17:37 (vor 3 Monaten)
Moderieren	04.01.2026 19:06 (1 day later)
Status	Akzeptiert
VulDB Eintrag	339500 [code-projects Online Product Reservation System 1.0 POST Parameter /app/checkout/delete.php ID SQL Injection]
Punkte	18

Do you want to use VulDB in your project?

Use the official API to access entries easily!