Vulnerability Description
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System up to 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/suppliercontroller.php. The manipulation of the argument supplier leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adonesevangelista | Agri-Trading Online Shopping System | <= 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/Sp1d3rL1/CVE/issues/7ExploitIssue TrackingThird Party Advisory
- https://itsourcecode.com/Product
- https://vuldb.com/?ctiid.315132Permissions RequiredVDB Entry
- https://vuldb.com/?id.315132Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.607303Third Party AdvisoryVDB Entry
- https://github.com/Sp1d3rL1/CVE/issues/7ExploitIssue TrackingThird Party Advisory
FAQ
What is CVE-2025-7193?
CVE-2025-7193 is a vulnerability with a CVSS score of 7.3 (HIGH). A vulnerability was found in itsourcecode Agri-Trading Online Shopping System up to 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/suppliercontroller.php. ...
How severe is CVE-2025-7193?
CVE-2025-7193 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-7193?
Check the references section above for vendor advisories and patch information. Affected products include: Adonesevangelista Agri-Trading Online Shopping System.