Lucene search
+L

CVE-2025-14649

🗓️ 14 Dec 2025 07:32:05Reported by VulDBType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 13 Views🌐 WEB

CVE 2025: remote SQL injection in itsourcecode Online Cake Ordering System via supplier.php.

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
cnnvd
itsourcecode Online Cake Ordering System SQL注入漏洞
14 Dec 202500:00
cnnvd
cvelist
CVE-2025-14649 itsourcecode Online Cake Ordering System supplier.php sql injection
14 Dec 202507:32
cvelist
euvd
EUVD-2025-203287
14 Dec 202509:30
euvd
nvd
CVE-2025-14649
14 Dec 202508:15
nvd
osv
CVE-2025-14649
14 Dec 202508:15
osv
ptsecurity
PT-2025-51153
14 Dec 202500:00
ptsecurity
redhatcve
CVE-2025-14649
15 Dec 202507:35
redhatcve
vulnrichment
CVE-2025-14649 itsourcecode Online Cake Ordering System supplier.php sql injection
14 Dec 202507:32
vulnrichment
NVD
Vulners
[
  {
    "vendor": "itsourcecode",
    "product": "Online Cake Ordering System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
supplierquery param/cakeshop/supplier.phpSQL injection via supplier parameter in /cakeshop/supplier.phpCWE-74CWE-89

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 08:36Current
7.4High risk
Vulners AI Score7.4
CVSS 3.17.3 - 9.8
CVSS 46.9
CVSS 27.5
CVSS 37.3
EPSS0.00339
SSVC
13