Code-Projects Simple Cafe Ordering System vulnerabilities

CVE-2025-13201 [MEDIUM] CWE-74 CVE-2025-13201: A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this is A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

CVE-2025-13202 [MEDIUM] CWE-79 CVE-2025-13202: A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects a A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /add_to_cart. Performing manipulation of the argument product_name results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.

CVE-2025-13203 [MEDIUM] CWE-74 CVE-2025-13203: A weakness has been identified in code-projects Simple Cafe Ordering System 1.0. This vulnerability A weakness has been identified in code-projects Simple Cafe Ordering System 1.0. This vulnerability affects unknown code of the file /addmem.php. Executing manipulation of the argument studentnum can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.

CVE-2025-9025 [MEDIUM] CWE-74 CVE-2025-9025: A vulnerability was determined in code-projects Simple Cafe Ordering System 1.0. Affected by this is A vulnerability was determined in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /portal.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.