Primary

Context

PhpIX 2012 Professional SQL Injection Vulnerability in Product Detail Page

Vulnerability

A SQL injection vulnerability has been identified in PhpIX 2012 Professional, specifically in the 'id' parameter of the product_detail.php file. This vulnerability allows remote attackers to manipulate database queries by injecting malicious SQL code, potentially leading to unauthorized access or modification of database information.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the application's database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.

Reproduction

To reproduce this vulnerability, send a request to the product_detail.php page with an injected SQL payload in the 'id' parameter. The injection can be crafted to manipulate the SQL query and exploit the application's database handling.

Added: Feb 3, 2026, 7:08 PM

Updated: Feb 3, 2026, 7:08 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

8.7

remediation

0.0

relevance

2.7

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

8.7

remediation

0.0

relevance

2.7

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PhpIX 2012 Professional SQL Injection Vulnerability in Product Detail Page

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating