ГлавнаяУязвимости → CVE-2025-14649
7.3высокая

CVE-2025-14649

Описание

A vulnerability was detected in itsourcecode Online Cake Ordering System 1.0. Affected by this issue is some unknown functionality of the file /cakeshop/supplier.php. Performing manipulation of the argument supplier results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.

Затрагиваемое ПО
Admerc Online cake ordering system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/yihaofuweng/cve/issues/60https://itsourcecode.com/https://vuldb.com/?ctiid.336382https://vuldb.com/?id.336382https://vuldb.com/?submit.710247