CVE-2025-4936 | projectworlds Online Food Ordering System 1.0 /admin-page.php 1_price sql injection

Inserito da Angelo Barbosa | Mag 18, 2025 | CVE

A vulnerability was found in projectworlds Online Food Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin-page.php. The manipulation of the argument 1_price leads to sql injection.

This vulnerability is traded as CVE-2025-4936. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-4936 | projectworlds Online Food Ordering System 1.0 /admin-page.php 1_price sql injection

Post correlati

CVE-2024-41675 | ckan up to 2.10.4 datatables_view cross site scripting (GHSA-r3jc-vhf4-6v32)

CVE-2024-7654 | Progress OpenEdge up to 11.7.18/12.2.14/12.8.1 ActiveMQ Discovery Service cross site scripting

CVE-2023-6148 | Qualys Policy Compliance Connector Plugin up to 1.0.5 on Jenkins cross site scripting

CVE-2023-52486 | Linux Kernel up to 6.7.2 DRM drm_mode_page_flip_ioctl deadlock