CVE-2025-12378 – code-projects Simple Food Ordering System addproduct.php unrestricted upload

CVE ID : CVE-2025-12378

Published : Oct. 28, 2025, 6:15 a.m. | 29 minutes ago

Description : A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…