ГлавнаяУязвимости → CVE-2025-14249
7.3высокая

CVE-2025-14249

Описание

A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /user_school.php. The manipulation of the argument product_id results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited.

Затрагиваемое ПО
Fabian Online ordering system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://code-projects.org/https://github.com/zzb1388/cve/issues/93https://vuldb.com/?ctiid.334759https://vuldb.com/?id.334759https://vuldb.com/?submit.702465https://github.com/zzb1388/cve/issues/93