CVE Details
Basic Information
| Title | code-projects Simple Pizza Ordering System large.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-01T00:32:05.886Z |
| Last Seen |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Simple Pizza Ordering System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability exists in the ‘large.php’ file of the Simple Pizza Ordering System version 1.0. This allows remote attackers to inject malicious SQL code by manipulating the ‘ID’ argument, potentially leading to unauthorized data access or modification. |
|---|---|
| AI Severity | Medium |
| Vendor | code-projects |
| Product | Simple Pizza Ordering System |
| Affected Version | 1.0 |
Affected Products
- code-projects Simple Pizza Ordering System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /large.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.