CVE-2025-65354
EUVD-2025-20483623.12.2025, 20:15
Improper input handling in /Grocery/search_products_itname.php inPuneethReddyHC event-management 1.0 permits SQL injection via the sitem_name POST parameter. Crafted payloads can alter query logic and disclose database contents. Exploitation may result in sensitive data disclosure and backend compromise.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| puneethreddyhc | event_management | 1.0 |
𝑥
= Vulnerable software versions