CVE-2025-15073

EUVD-2025-205359
A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contact_us.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
7.3 HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
Affected Products (NVD)
VendorProductVersion
itsourcecodeonline_frozen_foods_ordering_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/24ggee/CVE/issues/1
https://itsourcecode.com/
https://vuldb.com/?ctiid.338330
https://vuldb.com/?id.338330
https://vuldb.com/?submit.721321