This page lists publicly disclosed CVE vulnerabilities affecting admerc online_cake_ordering_system (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-15167 | A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unknown function of the file /detailtransac.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | [email protected] | 5.5 | 0.33% | 2025-12-28 | 2026-06-17 |
| CVE-2025-15166 | A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used. | [email protected] | 5.5 | 0.33% | 2025-12-28 | 2026-06-17 |
| CVE-2025-15165 | A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted element is an unknown function of the file /updatecustomer.php?action=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 5.5 | 0.33% | 2025-12-28 | 2026-06-17 |
| CVE-2025-14832 | A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected element is an unknown function of the file /updateproduct.php?action=edit. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | [email protected] | 5.5 | 0.33% | 2025-12-17 | 2026-06-17 |
| CVE-2025-14652 | A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used. | [email protected] | 5.5 | 0.33% | 2025-12-14 | 2026-06-17 |
| CVE-2025-14650 | A flaw has been found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown part of the file /cakeshop/product.php. Executing manipulation of the argument Product can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. | [email protected] | 5.5 | 0.34% | 2025-12-14 | 2026-06-17 |
| CVE-2025-14649 | A vulnerability was detected in itsourcecode Online Cake Ordering System 1.0. Affected by this issue is some unknown functionality of the file /cakeshop/supplier.php. Performing manipulation of the argument supplier results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used. | [email protected] | 5.5 | 0.33% | 2025-12-14 | 2026-06-17 |