SQL Injection Vulnerability in Simple Pizza Ordering System by Code-Projects
CVE-2025-6358

6.9MEDIUM

Key Information:

Vendor: Code-projects
Status: Simple Pizza Ordering System
Vendor: CVE Published:; 20 June 2025

🔔 Create Code-projects Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-6358?

A security flaw has been identified in the Simple Pizza Ordering System version 1.0, specifically within the /saveorder.php file. This vulnerability arises from improper handling of the ID parameter, allowing for SQL injection attacks. Remote attackers may exploit this weakness to manipulate database queries and gain unauthorized access to sensitive data. Public disclosure of the exploit has raised concerns regarding widespread vulnerability, making it imperative for affected users to take immediate action.

Affected Version(s)

Simple Pizza Ordering System 1.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-6358 - Proof of Concept