CVE-2025-4173
published 2025-05-01CVE-2025-4173: A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is the function delete_cart of the…
medium5.3CVSS 4.0
AVNACLATNPRLUINVCLVILVALSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is the function delete_cart of the file /oews/classes/Master.php?f=delete_cart. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| builder.io | qwik-city | >= 0 < 1.13.0 | 1.13.0 |
| msrc | cbl2_vim_8.2.4081-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_vim_8.2.4006-1_on_cbl_mariner_1.0 | — | — |
| oretnom23 | online_eyewear_shop | — | — |
| sourcecodester | online_eyewear_shop | — | — |