CVE-2025-11558
Severity
6.9MEDIUM
EPSS
0.0%
top 91.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 9
Description
A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/user_index_search.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N