ГлавнаяУязвимости → CVE-2025-15167
7.3высокая

CVE-2025-15167

Описание

A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unknown function of the file /detailtransac.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

Затрагиваемое ПО
Admerc Online cake ordering system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/LaneyYu/cve/issues/6https://itsourcecode.com/https://vuldb.com/?ctiid.338546https://vuldb.com/?id.338546https://vuldb.com/?submit.721109