CVE-2025-25775

Critical CVSS: 9.8

Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder.

Vendor

Product

CWE

Yayın Tarihi

2025-04-25 17:15:18

Güncelleme

2025-05-28 19:08:32

Source Identifier

cve@mitre.org

KEV Date Added

CWE-89 Bus Ticket Booking System CRITICAL Codeastro 2025

https://codeastro.com/bus-ticket-booking-system-in-php-codeigniter-with-source-code/ https://github.com/arunmodi/Vulnerability-Research/tree/main/CVE-2025-25775 https://github.com/arunmodi/Vulnerability-Research/tree/main/CVE-2025-25775

Medium

CVE-2026-3137

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of th…

Critical

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that al…

High

CVE-2025-70148

Missing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allo…

Critical

CVE-2025-70149

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in print_membership_card.php via the ID parame…

Medium

CVE-2025-14899

A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the f…

Medium

CVE-2025-14900

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown functi…