CVE-2025-52327
📊 7.8 HIGH⚡ 0.0%🎯 0 exploits
📅 Published Aug 1, 2025
📋 Status: Analyzed
SQL Injection vulnerability in Restaurant Order System 1.0 allows a local attacker to obtain sensitive information via the payment.php file
CVSS v3.1 • 134c704f-9b21-4f2e-91b3-4a467353bcc0
🎯 Affected Products & Systems
1 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | carmelogarcia | restaurant order system | 1.0 | Vulnerable | cpe:2.3:a:carmelogarcia:restaurant_order_system:1.0:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: 1.0
CPE:
cpe:2.3:a:carmelogarcia:restaurant_order_system:1.0:*:*:*:*:*:*:*
Metrics
7.8 HIGHCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
LOW
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
AnalyzedCVSS Details
7.8 (HIGH)v3.1
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
EPSS Details
0.0% (Minimal)4.5th percentile
Last updated: Oct 31, 2025
Exploitation probability within 30 days
Published Date
Aug 1, 2025 (3 months ago)
Last Modified
Aug 15, 2025 (2 months ago)
Security Weaknesses1
CWE-89
References4
NVDcode_repositorygeneral+1