EUVD-2025-18851Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
AnalysisAI
CVE-2025-6482 is a SQL injection vulnerability in Simple Pizza Ordering System 1.0 affecting the /edituser-exec.php endpoint via the userid parameter, allowing unauthenticated remote attackers to execute arbitrary SQL commands and potentially exfiltrate, modify, or delete database contents. The vulnerability has been publicly disclosed with proof-of-concept exploitation available, presenting immediate risk to affected installations. With a CVSS score of 7.3 and network-based attack vector requiring no user interaction, this represents a moderately critical risk requiring urgent patching.
Technical ContextAI
The vulnerability exists in code-projects Simple Pizza Ordering System 1.0, a web-based PHP application for pizza ordering. The root cause is classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component - 'Injection'), specifically SQL injection via inadequate input validation on the userid parameter in /edituser-exec.php. The affected component fails to properly sanitize or parameterize user-supplied input before constructing SQL queries, allowing attackers to inject malicious SQL syntax. The vulnerability affects PHP-based web applications with direct database connectivity, typical of small business ordering systems. No Web Application Firewall (WAF) bypass techniques are noted, but the lack of authentication (PR:N in CVSS vector) indicates the application layer lacks access controls on this administrative function.
RemediationAI
Immediate actions: (1) If running Simple Pizza Ordering System 1.0, disable or restrict network access to /edituser-exec.php via Web Application Firewall rules or htaccess restrictions until a patch is available. (2) Implement input validation on the userid parameter using a whitelist approach (alphanumeric only, specific length requirements). (3) Use parameterized queries (prepared statements) in PHP via mysqli::prepare() or PDO prepared statements to separate SQL code from user input. (4) Apply principle of least privilege to database credentials—ensure the application database user lacks ALTER/DROP permissions. (5) Monitor database activity logs for suspicious SQL queries. (6) Contact code-projects vendor for patch availability; if no patch forthcoming, consider migrating to a maintained alternative pizza ordering system. (7) Conduct a database audit for signs of compromise (unauthorized data access, modified user records, deleted transactions).
More from same product – last 7 days
Authentication bypass in Discuz! X5.0 releases 20260320 through 20260501 allows unauthenticated remote attackers to acce
Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a
Unauthenticated PHP Object Injection in the Happyforms WordPress plugin (versions <= 1.26.13) allows remote attackers to
Unauthenticated PHP Object Injection in the Broadcast Live Video WordPress plugin (versions prior to 7.1.3) allows remot
Unauthenticated PHP object injection in the WordPress plugin 'Integration for Keap/Infusionsoft and Contact Form 7, WPFo
Share
External POC / Exploit Code
Leaving vuln.today