CVE Details
Basic Information
| Title | code-projects Food Ordering Review System signup_function.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-18T21:44:05.160Z |
| Modified | 2025-07-18T21:44:05.160Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Food Ordering Review System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A critical vulnerability in the Food Ordering Review System version 1.0 allows remote SQL injection attacks via the ‘fname’ argument in signup_function.php. This could lead to unauthorized data access and manipulation. |
|---|---|
| AI Severity | High |
| AI Vendor | code-projects |
| AI Product | Food Ordering Review System |
| AI Version | 1.0 |
Affected Products
- code-projects Food Ordering Review System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signup_function.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.