CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-61548

SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34. Unsanitized user input is incorporated directly into SQL queries without proper parameterization or escaping. This vulnerability allows remote attackers to execute arbitrary SQL commands

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.5%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/chndlrx/vulnerability-disclosures/tree/main/CVE-2025-61548
https://github.com/chndlrx/vulnerability-disclosures/tree/main/CVE-2025-61548

Products affected by CVE-2025-61548

Edubusinesssolutions » Print Shop Pro Webdesk » Version: 18.34

cpe:2.3:a:edubusinesssolutions:print_shop_pro_webdesk:18.34

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-61548

Products

Pricing

Contact Us