CNNVD-202508-3547 Information

Aug 29, 2025 cve

CNNVD ID

CNNVD-202508-3547

CVE-2025-9660

CNNVD Published: 2025-08-29

Description (Chinese)

SourceCodester Bakeshop Online Ordering System是SourceCodester开源的一个在线订购系统。 SourceCodester Bakeshop Online Ordering System 1.0版本存在安全漏洞，该漏洞源于文件/passwordrecover.php中参数phonenumber的错误操作导致SQL注入。

Description (English)

SourceCodester Bakeshop Online Ordering System is an online order system open to SourceCodester. The security loophole in version 1.0 of SourceCodester Bakeshop Online Organizing System stems from the error of the parameter phonember in document/passwordrecover.php leading to the injection of SQL.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

SourceCodester

Published

2025-08-29

Last Modified

2026-02-24

References

https://www.sourcecodester.com/ https://vuldb.com/?submit.637236 https://vuldb.com/?id.321868 https://vuldb.com/?ctiid.321868 https://github.com/daimabiabia/cve/issues/1 https://nvd.nist.gov/vuln/detail/CVE-2025-9660 https://access.redhat.com/security/cve/cve-2025-9660

Patch

https://www.sourcecodester.com/php/14609/bakeshop-online-ordering-system-phpmysqli-full-source-code.html

Share on: