cvedb.io
CVE-2025-9749
HIGH · CVSS 7.3
EPSS exploitation probability: 0%
Published 2025-08-31T23:15:30.053 · Last modified 2026-06-17T10:09:40.553

Summary

A vulnerability was identified in HKritesh009 Grocery List Management Web App up to f491b681eb70d465f445c9a721415c965190f83b. This affects an unknown part of the file /src/update.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Affected products

hkritesh009 — grocery_list_management_web

Does this affect you?

Add your gear to cvedb and we'll alert you only when hkritesh009 ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.