CVE Daily

CVE-2025-52327

SQL Injection vulnerability in Restaurant Order System 1.0 allows a local attack...

High CVSS 7.8

Overview

SQL Injection vulnerability in Restaurant Order System 1.0 allows a local attacker to obtain sensitive information via the payment.php file

CWE: CWE-89 Published: 2025-08-01T16:15:41.903
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.8 (HIGH)
  • Detected tags: sql (tag impact: MODERATE)

Recommended actions:

  • Use parameterized queries/ORM (avoid string concatenation).
  • Add WAF rules and input validation.

Recommended tools

Tags