Itsourcecode · Online Petshop Management System · CVE-2025-14587
**Name of the Vulnerable Software and Affected Versions**
itsourcecode Online Pet Shop Management System version 1.0
**Description**
A flaw exists in itsourcecode Online Pet Shop Management System version 1.0 that allows for SQL injection. The issue is located in the file `/pet1/available.php`, specifically through manipulation of the `Name` parameter. This allows for remote execution of attacks. The exploit is publicly available.
**Recommendations**
Versions prior to 1.0 should be updated. As a temporary workaround, restrict access to the `/pet1/available.php` file to minimize the risk of exploitation.