PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

Basic Information

ID CVE-2026-5635

Source VulDB

Published Apr 6, 2026 at 07:45

Modified Apr 6, 2026 at 14:54

Affected Product

Vendor PHPGurukul

Product Online Shopping Portal Project

Version 2.1

Affected Versions PHPGurukul Online Shopping Portal Project 2.1

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.",
    "published": "2026-04-06T07:45:10.545Z",
    "modified": "2026-04-06T14:54:55.270Z",
    "type": "cve",
    "title": "PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/355423\nhttps://vuldb.com/vuln/355423/cti\nhttps://vuldb.com/submit/785872\nhttps://github.com/f1rstb100d/CVE/issues/15\nhttps://phpgurukul.com/",
    "id": "CVE-2026-5635",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "PHPGurukul Online Shopping Portal Project 2.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Shopping Portal Project",
    "version": "2.1",
    "vendor": "PHPGurukul",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection_CVE-2026-5635