EUVD-2025-18770
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
4Description
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /paymentportal.php. The manipulation of the argument person leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Analysis
CVE-2025-6357 is a critical SQL injection vulnerability in code-projects Simple Pizza Ordering System version 1.0, specifically in the /paymentportal.php file where the 'person' parameter is not properly sanitized. An unauthenticated remote attacker can exploit this vulnerability with no user interaction required to execute arbitrary SQL commands, potentially leading to unauthorized data access, modification, or deletion of database contents. The vulnerability has been publicly disclosed with proof-of-concept code available, increasing the likelihood of active exploitation.
Technical Context
This vulnerability is rooted in CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, 'Injection') and represents a classic SQL injection flaw. The /paymentportal.php endpoint fails to properly validate or parameterize user-supplied input from the 'person' parameter before incorporating it into SQL queries. The affected product is code-projects Simple Pizza Ordering System 1.0, a PHP-based web application commonly deployed in small business payment processing scenarios. The vulnerability allows attackers to manipulate SQL query logic by injecting malicious SQL syntax through the vulnerable parameter, bypassing authentication and access controls at the database level. This is particularly severe in payment processing contexts where sensitive customer and financial data resides.
Affected Products
Simple Pizza Ordering System version 1.0 by code-projects. Affected file: /paymentportal.php. Vulnerable parameter: 'person'. CPE candidate string: cpe:2.3:a:code-projects:simple_pizza_ordering_system:1.0:*:*:*:*:*:*:*. This product appears to be a lightweight open-source or community project with limited vendor support infrastructure. No official vendor advisory URL has been identified in standard vulnerability databases, suggesting this may be a community-discovered vulnerability without formal vendor coordination.
Remediation
Immediate remediation steps: (1) Implement prepared statements/parameterized queries for the /paymentportal.php 'person' parameter and all database interactions—replace string concatenation with parameter binding using PHP PDO or mysqli prepared statements; (2) Deploy Web Application Firewall (WAF) rules to block SQL injection patterns (UNION, SELECT, OR 1=1, etc.) targeting /paymentportal.php; (3) Apply input validation using strict whitelisting for the 'person' parameter (e.g., alphanumeric only if applicable); (4) If a patched version exists from code-projects, upgrade immediately—check project repository (GitHub/SourceForge) for version 1.1 or later patches; (5) Conduct database activity monitoring and enable query logging to detect injection attempts; (6) Conduct urgent security audit of all other PHP files for similar injection vulnerabilities; (7) As a temporary stopgap, disable or restrict access to /paymentportal.php until patching is complete.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today