CVE-2025-8018: SQL Injection Vulnerability in Food Ordering Review System

This blog post details a critical SQL injection vulnerability discovered in code-projects Food Ordering Review System version 1.0. This flaw allows a remote attacker with low privileges to execute arbitrary SQL commands, potentially leading to sensitive data exposure or system compromise.

🔍 TL;DR Summary

A critical SQL injection vulnerability (CVE-2025-8018) has been identified in code-projects Food Ordering Review System 1.0. By manipulating the reg_Id parameter in /user/reservation_page.php, an attacker can inject malicious SQL code. A proof-of-concept exploit is publicly available, making immediate patching crucial.

🚨 Vulnerability Details

  • CVE ID: CVE-2025-8018
  • Description: A SQL injection vulnerability exists in the reg_Id parameter of the /user/reservation_page.php file within code-projects Food Ordering Review System 1.0. This allows an attacker to execute arbitrary SQL commands on the backend database. Other parameters may be vulnerable as well.
  • CVSS Score: 6.3 (Medium)
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVSS Explanation: The CVSS vector indicates that the vulnerability is remotely exploitable over the network (AV:N), has low attack complexity (AC:L), and requires low privileges (PR:L). User interaction is not required (UI:N), and the scope is unchanged (S:U). The impact on confidentiality (C:L), integrity (I:L), and availability (A:L) is rated low in each case: an attacker can potentially read, modify, or disrupt some data, but not the entire system.
  • Exploit Requirements: An attacker needs minimal privileges to exploit this vulnerability. A publicly available proof-of-concept exploit exists.
  • Affected Vendor: code-projects
  • Affected Product: Food Ordering Review System
  • Affected Version: 1.0
  • CWE: CWE-89 (SQL Injection)
  • CWE Explanation: CWE-89, or SQL Injection, occurs when an application incorporates user-supplied data into a SQL query without proper sanitization. This allows an attacker to manipulate the query and execute arbitrary SQL commands on the database.

📅 Timeline of Events

  • 2025-07-22: Vulnerability reported.
  • 2025-07-22: CVE ID assigned (CVE-2025-8018).
  • 2025-07-22: Public disclosure of the vulnerability and exploit.

🧠 Exploitability & Real-World Risk

The existence of a public exploit significantly increases the risk associated with this vulnerability. An attacker can easily leverage the exploit to gain unauthorized access to the database, potentially leading to:

  • Data theft (customer information, order details, etc.)
  • Data modification (price manipulation, order tampering)
  • Account compromise (admin account takeover)
  • Denial of service (database overload)

Given that the application likely handles sensitive customer data, a successful exploit could have significant financial and reputational consequences for the affected business.

🛠️ Recommendations

Immediate action is required to mitigate this vulnerability:

  • Apply the patch: If a patch is available from code-projects, apply it immediately.
  • Input Sanitization: Use parameterized queries or prepared statements to prevent SQL injection, and implement proper input sanitization and validation for all user-supplied data, especially the reg_Id parameter.
  • Web Application Firewall (WAF): Deploy a WAF to detect and block SQL injection attempts.
  • Least Privilege: Ensure the database user account used by the application has only the minimum necessary privileges.
  • Regular Security Audits: Conduct regular security audits and penetration testing to identify and address vulnerabilities proactively.

🧪 Technical Insight

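The SQL injection likely occurs because the reg_Id parameter is incorporated directly into a SQL query without proper escaping or parameter binding. The vulnerable source code is not reproduced here, so the query below is illustrative. For example, a malicious user could supply the following value:

1; DROP TABLE users; --

If the value is placed unquoted into the query, the database receives:

SELECT * FROM reservations WHERE reg_Id = 1; DROP TABLE users; --

Where the database driver accepts multiple statements in a single call, this would drop the entire users table, causing significant data loss and application malfunction. Where it does not, the second statement is rejected, but the input is still being parsed as SQL and the flaw remains.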
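The concatenation pattern described above next to a hardened version, as an added example that is not code from the affected product or from code-projects. The function names, the reservations table and the assumption that reg_Id is a positive integer are hypothetical, taken from the illustrative query in this post.

```php
<?php
// Added example. Table and column names follow the illustrative query in
// this post; they are assumptions, not the product's real schema.
declare(strict_types=1);

/**
 * Vulnerable pattern, shown for contrast only: the raw parameter is
 * concatenated into the SQL text, so its content is parsed as SQL.
 */
function find_reservation_vulnerable(mysqli $db, string $rawRegId): array
{
    $sql = "SELECT * FROM reservations WHERE reg_Id = " . $rawRegId;
    $result = $db->query($sql);
    return $result instanceof mysqli_result ? $result->fetch_all(MYSQLI_ASSOC) : [];
}

/**
 * Hardened pattern: strict integer validation first, then a prepared
 * statement so the value travels as bound data and is never parsed as SQL.
 */
function find_reservation_safe(mysqli $db, string $rawRegId): array
{
    // Rejects anything that is not a plain positive integer, including
    // the "1; DROP TABLE users; --" value discussed above.
    $regId = filter_var($rawRegId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($regId === false) {
        throw new InvalidArgumentException('reg_Id must be a positive integer');
    }

    $stmt = $db->prepare('SELECT * FROM reservations WHERE reg_Id = ?');
    $stmt->bind_param('i', $regId);          // 'i' binds the value as an integer
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC); // needs the mysqlnd driver
    $stmt->close();
    return $rows;
}

// Usage in a page handler (connection values are placeholders):
// mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
// $db = new mysqli('localhost', 'app_user', 'PLACEHOLDER', 'PLACEHOLDER_DB');
// try {
//     $rows = find_reservation_safe($db, (string)($_GET['reg_Id'] ?? ''));
// } catch (InvalidArgumentException $e) {
//     http_response_code(400);
//     exit;
// }
```

The validation step alone is not the fix; the bound parameter is what keeps input out of the SQL grammar, and the same treatment applies to every other parameter the page reads.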

🙌 Credit to Researcher(s)

This vulnerability was reported by VulDB.
