PHPGurukul Online Shopping Portal Project SQL Injection in /order-details.php

56% confidence

Description

A critical SQL injection vulnerability exists in PHPGurukul Online Shopping Portal Project 2.1. The vulnerability is located in the /order-details.php file of the Parameter Handler component, triggered by manipulation of the 'orderid' argument. The attack can be launched remotely.

Affected Products

Vendor	Product	Versions
phpgurukul	online shopping portal project	2.1

Related News (1 articles)

Tier C

VulDB16h ago

VDB-355351 | PHPGurukul Online Shopping Portal Project 2.1 Parameter /order-details.php orderid sql injection

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

CWECWE-89

PublishedApr 4, 2026

Last enriched15h ago

Community Vote

0 upvotes0 downvotes

No votes yet

PHPGurukul Online Shopping Portal Project SQL Injection in /order-details.php

Description

Affected Products

Related News (1 articles)

Community Vote

Related CVEs (5)

Pin to Dashboard

Verification

Vulnerability Timeline