SQL Injection in anirudhkannan Grocery Store Management System

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.8

SQL Injection in anirudhkannan Grocery Store Management System

CVE-2025-63939

Summary

A security issue in anirudhkannan Grocery Store Management System 1.0 allows attackers to manipulate data, potentially stealing sensitive information or disrupting the system. Users of this software should update to a fixed version to prevent unauthorized access. Immediate action is not required, but it's essential to stay up-to-date with security patches.

Original title

Improper input handling in /Grocery/search_products_itname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitem_name POST parameter.

Original description

Improper input handling in /Grocery/search_products_itname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitem_name POST parameter.

nvd CVSS3.1 9.8

Vulnerability type

CWE-89 SQL Injection

https://github.com/TREXNEGRO/Security-Advisories/tree/main/CVE-2025-63939

Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026