Online shopping portal project
This hub aggregates every CVE we track for Online shopping portal project, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
15
CVEs tracked
0
Critical
5
High
0
In CISA KEV
Severity distribution
MEDIUM10HIGH5
Monthly trend
0
0
0
0
0
0
1
0
0
1
0
0
3
0
1
0
0
0
0
0
9
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Online shopping portal project.
- CVE-2026-5641PHPGurukul Online Shopping Portal Project Parameter update-image1.php sql injection6.3
- CVE-2026-5640PHPGurukul Online Shopping Portal Project Parameter update-image2.php sql injection6.3
- CVE-2026-5639PHPGurukul Online Shopping Portal Project Parameter update-image3.php sql injection6.3
- CVE-2026-5636PHPGurukul Online Shopping Portal Project Parameter cancelorder.php sql injection6.3
- CVE-2026-5635PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection6.3
- CVE-2026-5606PHPGurukul Online Shopping Portal Project Parameter order-details.php sql injection6.3
- CVE-2026-5583PHPGurukul Online Shopping Portal Project Parameter my-profile.php sql injection6.3
- CVE-2026-5560PHPGurukul Online Shopping Portal Project Parameter payment-method.php sql injection6.3
- CVE-2026-5552PHPGurukul Online Shopping Portal Project Parameter sub-category.php sql injection6.3
- CVE-2025-61096PHPGurukul Online Shopping Portal Project v2.1 is vulnerable to SQL Injection in /shopping/login.php via the fullname parameter.6.5
- CVE-2025-9013PHPGurukul Online Shopping Portal Project password-recovery.php sql injection7.3
- CVE-2025-9012PHPGurukul Online Shopping Portal Project bill-ship-addresses.php sql injection7.3
- CVE-2025-9011PHPGurukul Online Shopping Portal Project signup.php sql injection7.3
- CVE-2025-5367PHPGurukul Online Shopping Portal Project category.php sql injection7.3
- CVE-2025-26156A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online Shopping Portal v2.1, which allows remote attackers to execute arbitrary code via orderid POST request par...8.8
Product normalization is registry-driven with AI assist and human review. How it works