Food Ordering Review System
CVE-2025-8018
LOW
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/reservation_page.php. The manipulation of the argument reg_Id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
AnalysisAI
SQL injection in Food Ordering Review System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the reg_Id parameter in /user/reservation_page.php, with publicly available exploit code disclosed but low real-world exploitation risk due to CVSS 2.1 score, authentication requirement, and limited confidentiality impact.
Technical ContextAI
The vulnerability exists in a PHP-based food ordering and review application where user input from the reg_Id parameter is passed directly into SQL queries without proper parameterized statements or input validation. CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component) indicates that special SQL metacharacters are not sanitized before being incorporated into database queries. This classic SQL injection pattern allows an authenticated user to manipulate SQL syntax, potentially extracting or modifying database records. The affected file /user/reservation_page.php processes reservation-related data, likely querying user records or reservation details based on the reg_Id input.
RemediationAI
No vendor-released patch identified at time of analysis. Primary remediation requires immediate application of input validation and parameterized SQL queries in /user/reservation_page.php, specifically for the reg_Id parameter and any other parameters processed by the affected endpoint. Upgrade to a patched version if released by the vendor (monitor code-projects.org for updates). As immediate compensating controls: (1) implement Web Application Firewall (WAF) rules to detect and block SQL injection patterns in the reg_Id parameter (note: this does not eliminate the underlying code flaw but reduces attack surface), (2) restrict database user permissions so the application account lacks permissions to execute administrative or cross-schema queries, limiting data an attacker can access even if SQL injection succeeds, (3) enable database query logging and monitoring to detect suspicious SQL patterns, and (4) limit application user account creation to trusted administrators only, reducing the pool of authenticated attackers who can exploit this vector. Long-term, the application maintainers must conduct a full source code review to identify similar injection flaws in other parameters mentioned as 'affected' in the description.
More from same product – last 7 days
Authentication bypass in Discuz! X5.0 releases 20260320 through 20260501 allows unauthenticated remote attackers to acce
Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a
Unauthenticated PHP Object Injection in the Happyforms WordPress plugin (versions <= 1.26.13) allows remote attackers to
Unauthenticated PHP Object Injection in the Broadcast Live Video WordPress plugin (versions prior to 7.1.3) allows remot
Unauthenticated PHP object injection in the WordPress plugin 'Integration for Keap/Infusionsoft and Contact Form 7, WPFo
Share
External POC / Exploit Code
Leaving vuln.today