18 matches found
CVE-2025-6938
CVE-2025-6938 affects code-projects Simple Pizza Ordering System 1.0. The vulnerability arises from SQL injection in the /editcus.php file via the ID parameter, with remote exploitation possible and exploit information publicly disclosed. Several sources describe the issue as critical/high risk d...
CVE-2025-6362
CVE-2025-6362 — code-projects Simple Pizza Ordering System 1.0 is affected by a SQL injection in the /editpro.php file, triggered by manipulating the ID parameter. The issue is described as enabling remote exploitation and may allow unauthorized data access. The root cause cited across sources is...
CVE-2025-6481
CVE-2025-6481 affects code-projects Simple Pizza Ordering System 1.0. The vulnerability exists in the processing of the file /update.php, where manipulating the ID parameter leads to SQL injection. It can be exploited remotely and the exploit has been disclosed publicly. Multiple connected source...
CVE-2025-6483
CVE-2025-6483 affects the code-projects Simple Pizza Ordering System 1.0, with a SQL injection in the /edituser.php file via the ID parameter. The root cause is lack of input validation/external SQL statement validation, enabling remote exploitation and potentially data theft of the underlying da...
CVE-2025-6363
The CVE-2025-6363 entry concerns code-projects Simple Pizza Ordering System 1.0. Affected is the file /adding-exec.php, where the ingname parameter is unsafely handled, producing an SQL injection vulnerability. Descriptions across multiple sources consistently state remote exploitation is possibl...
CVE-2025-6482
CVE-2025-6482 affects the code-projects “Simple Pizza Ordering System” v1.0, specifically the file /edituser-exec.php where the parameter userid can be manipulated to trigger an SQL injection. The issue is exploitable remotely and has been disclosed publicly; multiple sources link it to data thef...
CVE-2025-6936
CVE-2025-6936 affects code-projects Simple Pizza Ordering System 1.0. The vulnerability is an SQL injection in the /addpro.php file caused by unsafely handling the ID parameter, enabling remote exploitation. Multiple sources (NVD, Red Hat, CNVD, CNVD, CNVDCN? etc.) confirm a critical issue in an ...
CVE-2025-6937
The CVE-2025-6937 entry concerns code-projects Simple Pizza Ordering System 1.0, with a vulnerability in the /large.php file. The issue arises from unsafely processing the ID parameter, enabling SQL injection. Several connected reports (CNVD, CNNVD, CVE records) confirm remote exploitation potent...
CVE-2025-6361
CVE-2025-6361 affects code-projects’ Simple Pizza Ordering System 1.0. The vulnerability is in the /adds.php file where the parameter userid is not validated, enabling SQL injection. It can be exploited remotely. Multiple sources corroborate a SQL injection path without exposing a specific patch/...
CVE-2025-6479
CVE-2025-6479 affects the Simple Pizza Ordering System 1.0, with the vulnerability located in /salesreport.php where the dayfrom parameter is exploited to perform SQL injection remotely. Impact is described as potentially enabling unauthorized data disclosure (high confidentiality/integrity/avail...
CVE-2025-6358
CVE-2025-6358 affects Code-Projects Simple Pizza Ordering System 1.0. The /saveorder.php file’s parameter ID is vulnerable to SQL injection due to lack of input validation, enabling remote exploitation. Multiple sources describe an attacker manipulating ID to execute arbitrary SQL, with potential...
CVE-2025-6360
CVE-2025-6360 affects Simple Pizza Ordering System v1.0, with a SQL injection in portal.php caused by unsafely handling the ID parameter. The vulnerability can be exploited remotely; multiple connected sources (CNVD, CNNVD, Red Hat, CVE lists, and PT-Security) report it and note public disclosure...
CVE-2025-6359
A SQL injection vulnerability (CVE-2025-6359) affects code-projects Simple Pizza Ordering System 1.0 in the cashconfirm.php file via the transactioncode parameter. The issue allows remote exploitation and can lead to unauthorized SQL command execution, potentially exposing or altering database da...
CVE-2025-6364
The CVE-2025-6364 entry concerns code-projects Simple Pizza Ordering System 1.0. A vulnerability exists in the /adduser-exec.php file where the Username parameter is not validated, enabling SQL injection. The issue is exploitable remotely over the network and is described with high/critical impac...
CVE-2025-6356
Affected software: code-projects Simple Pizza Ordering System 1.0. The vulnerability is a SQL injection in the file /addmem.php caused by lack of input validation. Impact is high confidentiality, integrity, and availability risks as an attacker could remotely exploit to execute arbitrary SQL. Exp...
CVE-2025-6480
CVE-2025-6480 affects code-projects Simple Pizza Ordering System 1.0, with a SQL injection vulnerability in the /addcatexec.php file caused by unsafely handling the textfield parameter. Multiple connected sources confirm remote exploitation potential, with exploit disclosure public. Impact is hig...
CVE-2025-6357
The CVE-2025-6357 entry concerns Code-Projects Simple Pizza Ordering System 1.0, where an SQL injection is triggered by manipulating the person parameter in /paymentportal.php. Exploitation is possible remotely and the vulnerability impacts confidentiality, integrity, and availability. Multiple c...
CVE-2025-13323
The CVE-2025-13323 affects code-projects Simple Pizza Ordering System 1.0, where manipulating the ID parameter in /listorder.php triggers an SQL injection. The issue is exploitable remotely and publicized, with high-severity CVSS scores (e.g., CVSS 3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; base 9....