code-projects Food Ordering System menu.php sql injection_CVE-2025-12315

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

Basic Information

ID CVE-2025-12315

Source VulDB

Published Oct 27, 2025 at 20:02

Modified Oct 27, 2025 at 20:21

Affected Product

Vendor code-projects

Product Food Ordering System

Version 1.0

Affected Versions code-projects Food Ordering System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.",
    "published": "2025-10-27T20:02:12.148Z",
    "modified": "2025-10-27T20:21:09.020Z",
    "type": "cve",
    "title": "code-projects Food Ordering System menu.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.329987\nhttps://vuldb.com/?ctiid.329987\nhttps://vuldb.com/?submit.677036\nhttps://github.com/kaka00666/food-ordering-cve/issues/2\nhttps://code-projects.org/",
    "id": "CVE-2025-12315",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "code-projects Food Ordering System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Food Ordering System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}