GCVE - cpe:2.3:a:carmelo:simple_stock_system:1.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:carmelo:simple_stock_system:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Carmelo (`6b035a27-935d-5e7e-afc6-e62cb1b98eda`)
Product	Simple Stock System (`cab8fba2-9d3c-5280-9155-72a1f8b629d5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-15243`	vulnerable	2026-06-03 14:58:56.692275	code-projects Simple Stock System login.php sql injection HIGH (7.3) A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Published: 2025-12-30T10:02:06.196Z Updated: 2026-02-24T06:16:01.032Z Open on db.gcve.eu Reference links https://vuldb.com/?id.338633 https://vuldb.com/?ctiid.338633 https://vuldb.com/?submit.725689 https://github.com/c13641462064-lgtm/sql_injection/issues/1 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-15011`	vulnerable	2026-06-03 14:58:56.332883	code-projects Simple Stock System logout.php sql injection HIGH (7.3) A vulnerability was found in code-projects Simple Stock System 1.0. Impacted is an unknown function of the file /logout.php. The manipulation of the argument uname results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. Published: 2025-12-22T03:32:06.384Z Updated: 2026-02-24T06:02:41.696Z Open on db.gcve.eu Reference links https://vuldb.com/?id.337717 https://vuldb.com/?ctiid.337717 https://vuldb.com/?submit.719663 https://github.com/chunmingshanan/CVE/issues/1 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-14968`	vulnerable	2026-06-03 14:58:56.231252	code-projects Simple Stock System update.php sql injection HIGH (7.3) A security flaw has been discovered in code-projects Simple Stock System 1.0. Affected by this issue is some unknown functionality of the file /market/update.php. The manipulation of the argument email results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. Published: 2025-12-19T20:02:06.387Z Updated: 2026-02-24T05:58:57.185Z Open on db.gcve.eu Reference links https://vuldb.com/?id.337603 https://vuldb.com/?ctiid.337603 https://vuldb.com/?submit.718433 https://github.com/z2sw57y/CVE/issues/1 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-14962`	vulnerable	2026-06-03 14:58:56.216458	code-projects Simple Stock System chatuser.php cross site scripting MEDIUM (4.3) A flaw has been found in code-projects Simple Stock System 1.0. The impacted element is an unknown function of the file /market/chatuser.php. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. Published: 2025-12-19T18:32:08.426Z Updated: 2026-02-24T05:58:08.680Z Open on db.gcve.eu Reference links https://vuldb.com/?id.337598 https://vuldb.com/?ctiid.337598 https://vuldb.com/?submit.717640 https://vuldb.com/?submit.724795 https://github.com/wyxclcw/CVE/issues/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-14959`	vulnerable	2026-06-03 14:58:56.212198	code-projects Simple Stock System signup.php sql injection HIGH (7.3) A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. Published: 2025-12-19T18:02:06.093Z Updated: 2026-02-24T05:57:57.140Z Open on db.gcve.eu Reference links https://vuldb.com/?id.337595 https://vuldb.com/?ctiid.337595 https://vuldb.com/?submit.717344 https://github.com/InorSogeih/Inor/issues/1 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-14834`	vulnerable	2026-06-03 14:58:56.016414	code-projects Simple Stock System checkuser.php sql injection MEDIUM (6.3) A weakness has been identified in code-projects Simple Stock System 1.0. This affects an unknown function of the file /checkuser.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. Published: 2025-12-17T23:02:05.789Z Updated: 2026-02-24T05:52:43.393Z Open on db.gcve.eu Reference links https://vuldb.com/?id.336983 https://vuldb.com/?ctiid.336983 https://vuldb.com/?submit.715228 https://gist.github.com/b1uel0n3/06593fd15acd0f2f61c29c5595453755 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.