CVE-2025-51626 | pss.sale.com 1.0 cancel_order.php ID sql injection

January 10, 2026 Yanac

A vulnerability was found in pss.sale.com 1.0 and classified as critical. The impacted element is an unknown function of the file userfiles/php/cancel_order.php. Such manipulation of the argument ID leads to sql injection.

This vulnerability is listed as CVE-2025-51626. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-67810 | Area9 Rhapsode up to 1.47.3 POST Request operation/url/filename information disclosure
openSUSE: patch Moderate Upgrade addressing 5 Security Flaws 2026:20018-2