Improper Quantity Validation in ywxbear PHP Bookstore Website Example and PHP Basic BookStore Website
CVE-2025-11594
Key Information:
- Vendor: Ywxbear
- CVE Published: 11 October 2025
What is CVE-2025-11594?
A vulnerability in the ywxbear PHP-Bookstore-Website-Example and PHP Basic BookStore Website affects input handling in the Quantity Handler component found in /index.php. Because quantities specified by users are not properly validated, an attacker may exploit this flaw remotely. The vulnerability has been publicly disclosed, which increases the risk of exploitation. The product's continuous delivery mechanisms complicate the identification of specific affected versions, underscoring the importance of immediate attention to security practices.

Affected Version(s)
PHP Basic BookStore Website 0e0b9f542f7a2d90a8d7f8c83caca69294e234e4
PHP-Bookstore-Website-Example 0e0b9f542f7a2d90a8d7f8c83caca69294e234e4
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.
Timeline
- Public PoC available
- Exploit known to exist
- Vulnerability published
- Vulnerability Reserved
