Puneethreddyhc
puneethreddyhc
11 CVEs • 3 products
Products (3)
Click to collapseToggle
Products (3)
Click to collapse
CVEs (11)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Improper input handling in /Grocery/search_products_itname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitem_name POST parameter. Crafted payloads can alter query logic and disclose database c...Show more |
1Puneethreddyhc 1Online Shopping System Advanced Dec 19, 2025 Dec 12, 2025 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 Online Shopping System Advanced 1.0 contains a SQL injection vulnerability in the payment_success.php script that allows attackers to inject malicious SQL through the unfiltered 'cm' parameter. Attackers can exploit the...Show more |
1Puneethreddyhc 1Event Management System Oct 15, 2025 Oct 7, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A Cross-Site Scripting (XSS) vulnerability was found in the register.php page of PuneethReddyHC Event Management System 1.0, where the event_id GET parameter is improperly handled. An attacker can craft a malicious URL t...Show more |
1Puneethreddyhc 1Online Shopping System Advanced Sep 9, 2025 Aug 28, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A SQL Injection vulnerability exists in the login.php of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter. |
1Puneethreddyhc 1Online Shopping System Advanced Sep 9, 2025 Aug 28, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC Online Shopping System Advanced 1.0. Unsanitized user input in the f_name parameter is reflected in the server response withou...Show more |
1Puneethreddyhc 1Online Shopping System Advanced Sep 9, 2025 Aug 28, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping System Advanced 1.0. This flaw is present in the product_id GET parameter, which is not properly validated before being inclu...Show more |
1Puneethreddyhc 1Online Shopping System Advanced Sep 9, 2025 Aug 28, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing atta...Show more |
1Puneethreddyhc 1Online Shopping System Advanced Nov 13, 2025 Jul 29, 2025 N/A· v4 7.7 HIGH· v3 N/A· v2 A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter. |
1Puneethreddyhc 1Event Management May 14, 2025 Apr 26, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC Event Management 1.0 allows attackers to run arbitrary SQL commands via the event_id parameter in a crafted POST request. |
1Puneethreddyhc 1Event Management May 14, 2025 Apr 7, 2024 N/A· v4 5.4 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability classified as problematic has been found in PuneethReddyHC Event Management 1.0. Affected is an unknown function of the file /backend/register.php. The manipulation of the argument event_id/full_name/emai...Show more |
1Puneethreddyhc 1Event Management May 14, 2025 Apr 7, 2024 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A vulnerability was found in PuneethReddyHC Event Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /backend/register.php. The manipulation of the argument event_id/ful...Show more |