code-projects Refugee Food Management System 1.0 /home/editfood.php a/b/c/d SQL Injection

Hakika vulnerability da aka rarraba a matsayin kura an gano a code-projects Refugee Food Management System 1.0. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil /home/editfood.php, a cikin sashi $software_component. Wuro manipulation of the argument a/b/c/d ga SQL Injection. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-89. Lalle, rauni an sanar da shi 12/28/2025. Ana samun bayanin tsaro don saukewa a github.com. Ana kiran wannan rauni da CVE-2025-15209. Ngam yiɗi ka a tuma ndiyam ka nder layi. Bayani na fasaha ga. Kuma, akwai exploit. Exploit ɗin an bayyana wa jama'a, za a iya amfani da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á yí huɗɗi-na-gaskiya. Za a iya samun exploit a github.com. 0-day ga, an ndiyam a wuro be $0-$5k. If you want to get best quality of vulnerability data, you may have to visit VulDB.

4 Goyarwa · 98 Datenpunkte

FurɗeSúgá
12/28/2025 14:10		Gargadi 1/3
12/30/2025 00:21		Gargadi 2/3
12/30/2025 04:47		Gargadi 3/3
01/03/2026 04:20
software_vendorcode-projectscode-projectscode-projectscode-projects
software_nameRefugee Food Management SystemRefugee Food Management SystemRefugee Food Management SystemRefugee Food Management System
software_version1.01.01.01.0
software_file/home/editfood.php/home/editfood.php/home/editfood.php/home/editfood.php
software_argumenta/b/c/da/b/c/da/b/c/da/b/c/d
vulnerability_cweCWE-89 (SQL Injection)CWE-89 (SQL Injection)CWE-89 (SQL Injection)CWE-89 (SQL Injection)
vulnerability_risk2222
cvss3_vuldb_avNNNN
cvss3_vuldb_acLLLL
cvss3_vuldb_uiNNNN
cvss3_vuldb_sUUUU
cvss3_vuldb_cLLLL
cvss3_vuldb_iLLLL
cvss3_vuldb_aLLLL
cvss3_vuldb_ePPPP
cvss3_vuldb_rcRRRR
advisory_urlhttps://github.com/YZS17/CVE/blob/main/Refugee%20Food_Management_System/sqli_editfood.php.mdhttps://github.com/YZS17/CVE/blob/main/Refugee%20Food_Management_System/sqli_editfood.php.mdhttps://github.com/YZS17/CVE/blob/main/Refugee%20Food_Management_System/sqli_editfood.php.mdhttps://github.com/YZS17/CVE/blob/main/Refugee%20Food_Management_System/sqli_editfood.php.md
exploit_availability1111
exploit_publicity1111
exploit_urlhttps://github.com/YZS17/CVE/blob/main/Refugee%20Food_Management_System/sqli_editfood.php.mdhttps://github.com/YZS17/CVE/blob/main/Refugee%20Food_Management_System/sqli_editfood.php.mdhttps://github.com/YZS17/CVE/blob/main/Refugee%20Food_Management_System/sqli_editfood.php.mdhttps://github.com/YZS17/CVE/blob/main/Refugee%20Food_Management_System/sqli_editfood.php.md
source_cveCVE-2025-15209CVE-2025-15209CVE-2025-15209CVE-2025-15209
cna_responsibleVulDBVulDBVulDBVulDB
software_typeProject Management SoftwareProject Management SoftwareProject Management SoftwareProject Management Software
cvss2_vuldb_avNNNN
cvss2_vuldb_acLLLL
cvss2_vuldb_ciPPPP
cvss2_vuldb_iiPPPP
cvss2_vuldb_aiPPPP
cvss2_vuldb_ePOCPOCPOCPOC
cvss2_vuldb_rcURURURUR
cvss4_vuldb_avNNNN
cvss4_vuldb_acLLLL
cvss4_vuldb_uiNNNN
cvss4_vuldb_vcLLLL
cvss4_vuldb_viLLLL
cvss4_vuldb_vaLLLL
cvss4_vuldb_ePPPP
cvss2_vuldb_auSSSS
cvss2_vuldb_rlNDNDNDND
cvss3_vuldb_prLLLL
cvss3_vuldb_rlXXXX
cvss4_vuldb_atNNNN
cvss4_vuldb_prLLLL
cvss4_vuldb_scNNNN
cvss4_vuldb_siNNNN
cvss4_vuldb_saNNNN
cvss2_vuldb_basescore6.56.56.56.5
cvss2_vuldb_tempscore5.65.65.65.6
cvss3_vuldb_basescore6.36.36.36.3
cvss3_vuldb_tempscore5.75.75.75.7
cvss3_meta_basescore6.36.36.37.5
cvss3_meta_tempscore5.76.06.07.3
cvss4_vuldb_bscore5.35.35.35.3
cvss4_vuldb_btscore2.12.12.12.1
advisory_date1766876400 (12/28/2025)1766876400 (12/28/2025)1766876400 (12/28/2025)1766876400 (12/28/2025)
price_0day$0-$5k$0-$5k$0-$5k$0-$5k
cve_nvd_summaryA weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown part of the file /home/editfood.php. This manipulation of the argument a/b/c/d causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown part of the file /home/editfood.php. This manipulation of the argument a/b/c/d causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown part of the file /home/editfood.php. This manipulation of the argument a/b/c/d causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.
cvss4_cna_avNNN
cvss4_cna_acLLL
cvss4_cna_atNNN
cvss4_cna_prLLL
cvss4_cna_uiNNN
cvss4_cna_vcLLL
cvss4_cna_viLLL
cvss4_cna_vaLLL
cvss4_cna_scNNN
cvss4_cna_siNNN
cvss4_cna_saNNN
cvss4_cna_bscore5.35.35.3
cvss3_cna_avNNN
cvss3_cna_acLLL
cvss3_cna_prLLL
cvss3_cna_uiNNN
cvss3_cna_sUUU
cvss3_cna_cLLL
cvss3_cna_iLLL
cvss3_cna_aLLL
cvss3_cna_basescore6.36.36.3
cvss2_cna_avNNN
cvss2_cna_acLLL
cvss2_cna_auSSS
cvss2_cna_ciPPP
cvss2_cna_iiPPP
cvss2_cna_aiPPP
cvss2_cna_basescore6.56.56.5
euvd_idEUVD-2025-205664EUVD-2025-205664
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss3_nvd_basescore9.8

GurɗoGumtiGada

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!