Sourcecodester Simple E-Commerce Bookstore vulnerabilities

CVE-2025-11480 [MEDIUM] CWE-74 CVE-2025-11480: A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument register_username results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.

CVE-2025-11430 [MEDIUM] CWE-74 CVE-2025-11430: A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.

CVE-2025-11476 [MEDIUM] CWE-74 CVE-2025-11476: A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an un A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument login_username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.