PT-2025-31033 · Code Projects · Code-Projects Online Ordering System

Name of the Vulnerable Software and Affected Versions: code-projects Online Ordering System version 1.0 Description: A critical vulnerability exists in code-projects Online Ordering System. The issue involves SQL injection, specifically through manipulation of the firstname argument in the...

Online Ordering System user.php File SQL Injection Vulnerability

Online Ordering System is an online ordering system. Online Ordering System has a SQL injection vulnerability that originates from an unfiltered parameter un in the /admin/user.php file that allows manipulation of database queries. No details of the vulnerability are available at this time...

CVE-2025-8236

A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/editproduct.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-8236

A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/editproduct.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-8236 code-projects Online Ordering System edit_product.php sql injection

A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/editproduct.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-8236 code-projects Online Ordering System edit_product.php sql injection

A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/editproduct.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has...

CVE-2025-8235

A vulnerability was found in code-projects Online Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/product.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-8235

A vulnerability was found in code-projects Online Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/product.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-8235 code-projects Online Ordering System product.php sql injection

A vulnerability was found in code-projects Online Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/product.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-8235 code-projects Online Ordering System product.php sql injection

A vulnerability was found in code-projects Online Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/product.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-8235

CVE-2025-8235 affects code-projects Online Ordering System 1.0. The vulnerability is a SQL injection in the /admin/product.php file, triggered by manipulating the Name parameter. This allows remote exploitation and has been publicly disclosed. Multiple connected sources (NVD, Red Hat, CVE lists, ...

CVE-2025-8234

A vulnerability was found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletemember.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-8233

A vulnerability has been found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user.php. The manipulation of the argument un leads to sql injection. The attack can be launched remotely. The explo...

CVE-2025-8233

A vulnerability has been found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user.php. The manipulation of the argument un leads to sql injection. The attack can be launched remotely. The explo...

CVE-2025-8234

A vulnerability was found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletemember.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-8234 code-projects Online Ordering System delete_member.php sql injection

A vulnerability was found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletemember.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-8234

The CVE pertains to code-projects Online Ordering System 1.0. Affected component: /admin/delete_member.php. Root cause: manipulation of the ID parameter enables SQL injection. Impact: potential confidentiality, integrity, and availability harm; attack vector is remote and could be automated since...

CVE-2025-8234 code-projects Online Ordering System delete_member.php sql injection

A vulnerability was found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletemember.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-8233 code-projects Online Ordering System user.php sql injection

A vulnerability has been found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user.php. The manipulation of the argument un leads to sql injection. The attack can be launched remotely. The explo...

CVE-2025-8233 code-projects Online Ordering System user.php sql injection

A vulnerability has been found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user.php. The manipulation of the argument un leads to sql injection. The attack can be launched remotely. The explo...