PT-2025-41689 · Unknown · Simple Food Ordering System

Xmqaq

Publicado

2025-10-11

Atualizado

2025-10-20

CVE-2025-11603

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Simple Food Ordering System version 1.0

Description A flaw exists in the Simple Food Ordering System that allows for SQL injection. This issue is located in the /editproduct.php file, where manipulation of the Category argument can lead to exploitation. The attack can be initiated remotely and details of the exploit are publicly available.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Special Elements Injection

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-74CWE-89

Identificadores relacionados

CVE-2025-11603

Produtos afetados

Simple Food Ordering System

PT-2025-41689 · Unknown · Simple Food Ordering System

CVE-2025-11603

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12