CVE-2025-15167 | itsourcecode Online Cake Ordering System 1.0 /detailtransac.php ID sql injection

Inserito da Angelo Barbosa | Dic 28, 2025 | CVE

A vulnerability marked as critical has been reported in itsourcecode Online Cake Ordering System 1.0. This impacts an unknown function of the file /detailtransac.php. This manipulation of the argument ID causes sql injection.

This vulnerability is registered as CVE-2025-15167. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2025-15167 | itsourcecode Online Cake Ordering System 1.0 /detailtransac.php ID sql injection

Post correlati

CVE-2010-20122 | NetSarang Computer Xftp FTP Client up to up to 3.0 PWD stack-based overflow

CVE-2023-43318 | TP-Link TL-SG2210P 5.0 Build 20211201 Web Console tid/usrlvl access control

CVE-2024-35794 | Linux Kernel up to 6.7.11/6.8.2 dm-raid deadlock (af916cb66a80/eaa8fc9b0928/16c4770c75b1)

CVE-2024-28120 | Exafunction codeium-chrome up to 1.2.52 Service Worker access control (GHSA-8c7j-2h97-q63p)