CVE ID :CVE-2018-25340 Published : May 23, 2026, 6:30 p.m. | 1 hour, 50 minutes ago Description :Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to category.php with UNION-based SQL injection payloads in the id parameter to extract sensitive database information including usernames and other data. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...