Submit #731095: code-projects Online Product Reservation system in PHP with source code V1.0 SQL Injectioninfo

Titlecode-projects Online Product Reservation system in PHP with source code V1.0 SQL Injection
DescriptionA critical SQL injection vulnerability exists in the shopping cart functionality. The application directly concatenates POST parameter and session variable into multiple SQL queries (SELECT, UPDATE, INSERT) without validation, allowing attackers to extract data and manipulate cart contents.
Source⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_left_cart.php.md
User
 Ho Cherry (UID 94105)
Submission01/03/2026 12:20 (3 months ago)
Moderation01/04/2026 08:01 (20 hours later)
StatusAccepted
VulDB entry339476 [code-projects Online Product Reservation System 1.0 left_cart.php ID sql injection]
Points18

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!