5 matches found
CVE-2025-9025
The CVE concerns code-projects Simple Cafe Ordering System 1.0. The vulnerability exists in portal.php where the ID parameter is used unsafely, allowing SQL injection. The attack can be launched remotely and the exploit has been publicly disclosed. Connected sources corroborate the same flaw acro...
CVE-2025-13201
The CVE-2025-13201 entry concerns Code-projects’ Simple Cafe Ordering System 1.0. A SQL injection vulnerability exists in the login.php file, arising from improper handling of the Username parameter. The issue can be exploited remotely, and an exploit is publicly available. Affected component: lo...
CVE-2025-13203
Concrete details found: Simple Cafe Ordering System 1.0 has a vulnerability in /addmem.php where manipulating the studentnum parameter enables SQL injection. Remote exploitability is indicated, and multiple sources (NVD, Red Hat, CNVD, CNNVD, CVE lists, and Vuln enrichment) confirm the issue and ...
CVE-2025-13202
The CVE-2025-13202 entry concerns code-projects Simple Cafe Ordering System 1.0. A cross-site scripting vulnerability exists in the /add_to_cart mechanism, triggered by manipulating the product_name parameter in that file. The vulnerability is described as exploitable remotely, and public exploit...
CVE-2025-13571
CVE-2025-13571 affects Code-Projects Simple Food Ordering System 1.0, with a SQL injection vulnerability in /listorder.php triggered by manipulating the ID parameter. The issue is remotely exploitable, and public exploit information is cited in the initial data. Connected sources corroborate the ...