CVE-2025-3336: codeprojects Online Restaurant Management System member_save.php sql injection
First published: Mon Apr 07 2025(Updated: )
A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/member_save.php. The manipulation of the argument last leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| codeprojects Online Restaurant Management System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-3336?
CVE-2025-3336 has been declared as critical in severity.
What type of vulnerability is CVE-2025-3336?
CVE-2025-3336 is an SQL injection vulnerability affecting the file /admin/member_save.php.
How can I fix CVE-2025-3336?
To fix CVE-2025-3336, you should sanitize and validate all user inputs to prevent SQL injection.
Which software is affected by CVE-2025-3336?
The affected software for CVE-2025-3336 is the Online Restaurant Management System by Codeprojects.
What is the potential impact of exploiting CVE-2025-3336?
Exploiting CVE-2025-3336 could allow an attacker to execute arbitrary SQL queries on the database.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/codeprojects
- canonical/codeprojects online restaurant management system