Simple%20Cafe%20Billing%20System

Simple Cafe Billing System

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-9702

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-6.9||MEDIUM

EPSS-Not Assigned

Published-30 Aug, 2025 | 19:02

Updated-30 Aug, 2025 | 19:15

SourceCodester Simple Cafe Billing System sales_report.php sql injection

A vulnerability was identified in SourceCodester Simple Cafe Billing System 1.0. This affects an unknown function of the file /sales_report.php. The manipulation of the argument month leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.

Vendor-SourceCodester

Product-Simple Cafe Billing System

CWE ID-CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2025-9701

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-6.9||MEDIUM

EPSS-Not Assigned

Published-30 Aug, 2025 | 18:02

Updated-30 Aug, 2025 | 18:15

SourceCodester Simple Cafe Billing System receipt.php sql injection

A vulnerability was determined in SourceCodester Simple Cafe Billing System 1.0. The impacted element is an unknown function of the file /receipt.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Vendor-SourceCodester

Product-Simple Cafe Billing System

CWE ID-CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')