CVE-2025-51626

MEDIUM

Xiaoliuchu Pss.sale.com - SQL Injection

Title source: rule

Description

SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancel_order.php endpoint.

Exploits (1)

References (2)

Scores

CVSS v3 6.5
EPSS 0.0001
EPSS Percentile 1.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-89
Status published
Products (1)
xiaoliuchu/pss.sale.com 1.0
Published Jan 09, 2026
Tracked Since Feb 18, 2026