CVE-2025-4869

A vulnerability classified as critical has been found in itsourcecode Restaurant Management System 1.0. This affects an unknown part of the file /admin/member_update.php. The manipulation of the argument menu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Published: May 18, 2025
Updated: May 29, 2025
CVE: CVE-2025-4869
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-74
CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
adonesevangelista / restaurant_management_system	1.0	1.0.x

https://github.com/wuquwuquwuqu/CVE/issues/1
https://itsourcecode.com/
https://vuldb.com/?ctiid.309411
https://vuldb.com/?id.309411
https://vuldb.com/?submit.575552

Vulnerability Database

CVE-2025-4869