CVE-2026-14653
Severity CVSS v4.0:
MEDIUM
Type:
CWE-74
Injection
Publication date:
04/07/2026
Last modified:
04/07/2026
Description
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument user_id causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
Impact
Base Score 4.0
5.50
Severity 4.0
MEDIUM
Base Score 3.x
7.30
Severity 3.x
HIGH
Base Score 2.0
7.50
Severity 2.0
HIGH



