CVE-2025-6479
EUVD-2025-28739 | Severity: HIGH
Published: 2025-06-22 | Assigner: [email protected]
CVSS 3.1 base score: 7.3

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline (most recent first)

Analysis Generated: Mar 15, 2026 - 21:55 (vuln.today)
EUVD ID Assigned: Mar 15, 2026 - 21:55 (euvd) - EUVD-2025-28739
PoC Detected: Jun 25, 2025 - 19:19 (vuln.today) - Public exploit code
CVE Published: Jun 22, 2025 - 14:15 (nvd) - HIGH 7.3

Description

A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /salesreport.php. The manipulation of the argument dayfrom leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-6479 is a SQL injection vulnerability in code-projects Simple Pizza Ordering System 1.0, reachable through the 'dayfrom' parameter of /salesreport.php. The vendor description labels it critical, but the CVSS 3.1 base score is 7.3 (HIGH): Low impact on confidentiality, integrity and availability, with an unchanged scope. An unauthenticated attacker can inject arbitrary SQL into the query the report page runs, remotely and with no user interaction, which can expose, modify or delete data in the application's database. Exploit proof-of-concept code has been publicly disclosed, increasing real-world exploitation risk.

Technical Context

The vulnerability stems from the lack of input validation and query parameterization in the PHP code that handles the 'dayfrom' parameter in /salesreport.php. It is catalogued as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component - 'Injection'), the general injection class whose SQL-specific child is CWE-89: user-supplied input is concatenated directly into a SQL string instead of being bound through a prepared statement. The affected product is Simple Pizza Ordering System version 1.0, a web-based PHP application for pizza ordering and sales reporting. The attack vector is an HTTP request parameter, so the flaw is exploitable from a standard web browser or automated tool without authentication or any special network position.

Affected Products

Product: Simple Pizza Ordering System; Version: 1.0; Component: /salesreport.php ('dayfrom' parameter); Attack Vector: HTTP GET/POST request parameter; Vendor: code-projects. An inferred CPE (not taken from an official dictionary entry) would be: cpe:2.3:a:code-projects:simple_pizza_ordering_system:1.0:*:*:*:*:*:*:*. No patched version is listed in the data available here, which suggests the product may be abandoned or unmaintained.

Remediation

Immediate actions:
(1) Use parameterized queries/prepared statements (PHP PDO or MySQLi with bound parameters) and replace every direct SQL string concatenation, not only the one in /salesreport.php; sibling report pages in this kind of application usually share the same pattern.
(2) Validate the 'dayfrom' parameter against its expected format (a YYYY-MM-DD date). Treat the check as defence in depth: a regex alone still accepts impossible dates such as 2025-13-99, so parse the value and reject anything that does not round-trip, and keep the prepared statement as the actual control.
(3) Apply least privilege to the database account used by /salesreport.php: restrict it to SELECT on the reporting tables where possible, so a remaining injection cannot modify or delete data.
(4) Deploy Web Application Firewall (WAF) rules that block common SQL injection patterns in the 'dayfrom' parameter; this reduces exposure from automated scanning but does not replace the code fix.
(5) If no vendor patch is available, consider retiring this legacy software and migrating to a maintained alternative.
Code fix example: replace 'SELECT * FROM sales WHERE date >= ' . $_GET['dayfrom'] with a prepared statement that uses a placeholder for the date. Monitor the vendor (code-projects) for security advisories; the product's legacy/unmaintained status suggests a patch may not be forthcoming.
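The concatenation pattern described under Technical Context and the fix from items (1) and (2) above, side by side, as an added example. This is not code from Simple Pizza Ordering System or from code-projects: the 'sales' and 'users' tables, the quoted form of the original query, the sample rows and the in-memory SQLite connection (used only so the script runs stand-alone; the same PDO calls apply to the application's MySQL database) are all assumptions.

```php
<?php
// Added example for CVE-2025-6479; not the vendor's code. Assumed schema:
// sales(id, date, total) and a users table holding credentials. SQLite in
// memory stands in for the application's MySQL database so this runs offline.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data.
$pdo->exec('CREATE TABLE sales (id INTEGER PRIMARY KEY, date TEXT NOT NULL, total REAL NOT NULL)');
$pdo->exec("INSERT INTO sales (date, total) VALUES ('2025-06-01', 12.50), ('2025-06-20', 30.00)");
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)');
$pdo->exec("INSERT INTO users (username, password) VALUES ('admin', 's3cret')");

// BEFORE: the injectable pattern the advisory describes. 'dayfrom' is pasted
// straight into the SQL text, so its content can change the query structure.
function salesReportVulnerable(PDO $pdo, string $dayfrom): array
{
    $sql = "SELECT * FROM sales WHERE date >= '" . $dayfrom . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// AFTER: validate the format, then bind the value. The placeholder is sent
// separately from the query text, so the input can only ever be a date value.
function salesReportFixed(PDO $pdo, string $dayfrom): array
{
    // '!' zeroes unset fields; the round-trip comparison rejects both trailing
    // data (the injection payload) and impossible dates such as 2025-13-99.
    $d = DateTimeImmutable::createFromFormat('!Y-m-d', $dayfrom);
    if ($d === false || $d->format('Y-m-d') !== $dayfrom) {
        throw new InvalidArgumentException('dayfrom must be a YYYY-MM-DD date');
    }
    $stmt = $pdo->prepare('SELECT * FROM sales WHERE date >= :dayfrom');
    $stmt->execute([':dayfrom' => $d->format('Y-m-d')]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// A legitimate report date, then a hostile value in the same argument. The
// trailing space after '--' is what MySQL needs to treat it as a comment; it
// works the same way in SQLite. Both tables have three columns, so the UNION
// lines up and the credential row comes back inside the sales report.
$legit   = '2025-06-15';
$hostile = "2025-06-15' UNION SELECT id, username, password FROM users -- ";

print_r(salesReportVulnerable($pdo, $legit));    // one sales row
print_r(salesReportVulnerable($pdo, $hostile));  // sales row plus the admin credentials
print_r(salesReportFixed($pdo, $legit));         // one sales row
try {
    salesReportFixed($pdo, $hostile);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ' . $e->getMessage() . PHP_EOL;
}
```

Run it with the PHP CLI (php example.php). Against MySQL, also set PDO::ATTR_EMULATE_PREPARES to false so PDO uses server-side prepared statements rather than client-side escaping, and pair the code change with the least-privilege and WAF measures above, which limit the damage if another concatenated query remains elsewhere in the application.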

Priority Score

57 (scale: Low / Medium / High / Critical)
Components: KEV: 0; EPSS: +0.1; CVSS: +36; POC: +20


CVE-2025-6479 vulnerability details – vuln.today
