CVE-2026-14654

Summary

A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument user_id leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.

Affected Software

VendorProductVersion RangeStatus
SourceCodesterSimple and Nice Shopping Cart Script1.0affected

Weaknesses

  • CWE-89: SQL Injection
  • CWE-74: Injection

References