CVE-2018-25206

Publication date

2026-03-26 11:39:53

Family

VulnCheck

State

PUBLISHED

Description

KomSeo Cart 1.3 contains an SQL injection vulnerability that allows attackers to inject SQL commands through the my_item_search parameter in edit.php. Attackers can submit POST requests with malicious SQL payloads to extract sensitive database information using boolean-based blind or error-based injection techniques.