SQL Injection Vulnerability in Simple Pizza Ordering System by Code Projects
CVE-2025-6936

7.3HIGH

Key Information:

Vendor: Code Projects
Status: Simple Pizza Ordering System
Vendor: CVE Published:; 1 July 2025

🔔 Create Code Projects Vulnerability Alert

What is CVE-2025-6936?

A vulnerability exists in the Simple Pizza Ordering System 1.0 developed by Code Projects, specifically within the /addpro.php file. This flaw allows an attacker to manipulate the ID argument, leading to potential SQL injection. Such an attack can be executed remotely, raising serious security concerns for users of this web application. The exploit has been publicly disclosed, increasing the risk of attacks on systems using this software.

References

https://code-projects.org/

https://github.com/Catcheryp/CVE/issues/2

https://vuldb.com/?ctiid.314457

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 1, 2025