carmelo CVE Vulnerabilities & Metrics

Focus on carmelo vulnerabilities and metrics.

Last updated: 29 Jun 2025, 22:25 UTC

About carmelo Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with carmelo. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total carmelo CVEs: 20
Earliest CVE date: 22 Feb 2024, 01:15 UTC
Latest CVE date: 22 Jun 2025, 16:15 UTC

Latest CVE reference: CVE-2025-6483

Rolling Stats

30-day Count (Rolling): 13
365-day Count (Rolling): 14

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 133.33%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 133.33%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical carmelo CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 4.88

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	7
4.0-6.9	0
7.0-8.9	13
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS carmelo CVEs

These are the five CVEs with the highest CVSS scores for carmelo, sorted by severity first and recency.

CVE-2025-6483 carmelo Published on 22 Jun 2025, 16:15 UTC (CVSS: 7.5)
A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-6482 carmelo Published on 22 Jun 2025, 16:15 UTC (CVSS: 7.5)
A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-6481 carmelo Published on 22 Jun 2025, 15:15 UTC (CVSS: 7.5)
A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-6480 carmelo Published on 22 Jun 2025, 15:15 UTC (CVSS: 7.5)
A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1.0. This vulnerability affects unknown code of the file /addcatexec.php. The manipulation of the argument textfield leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-6479 carmelo Published on 22 Jun 2025, 14:15 UTC (CVSS: 7.5)
A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /salesreport.php. The manipulation of the argument dayfrom leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

All CVEs for carmelo

CVE-2025-6483 carmelo vulnerability CVSS: 7.5 22 Jun 2025, 16:15 UTC

A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6482 carmelo vulnerability CVSS: 7.5 22 Jun 2025, 16:15 UTC

A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6481 carmelo vulnerability CVSS: 7.5 22 Jun 2025, 15:15 UTC

A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6480 carmelo vulnerability CVSS: 7.5 22 Jun 2025, 15:15 UTC

A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1.0. This vulnerability affects unknown code of the file /addcatexec.php. The manipulation of the argument textfield leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6479 carmelo vulnerability CVSS: 7.5 22 Jun 2025, 14:15 UTC

A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /salesreport.php. The manipulation of the argument dayfrom leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6364 carmelo vulnerability CVSS: 7.5 20 Jun 2025, 21:15 UTC

A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /adduser-exec.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely.

CVE-2025-6362 carmelo vulnerability CVSS: 7.5 20 Jun 2025, 20:15 UTC

A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /editpro.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely.

CVE-2025-6361 carmelo vulnerability CVSS: 7.5 20 Jun 2025, 20:15 UTC

A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1.0. This vulnerability affects unknown code of the file /adds.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely.

CVE-2025-6360 carmelo vulnerability CVSS: 7.5 20 Jun 2025, 19:15 UTC

A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /portal.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6359 carmelo vulnerability CVSS: 7.5 20 Jun 2025, 19:15 UTC

A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cashconfirm.php. The manipulation of the argument transactioncode leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6358 carmelo vulnerability CVSS: 7.5 20 Jun 2025, 18:15 UTC

A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saveorder.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6357 carmelo vulnerability CVSS: 7.5 20 Jun 2025, 18:15 UTC

A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /paymentportal.php. The manipulation of the argument person leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-6356 carmelo vulnerability CVSS: 7.5 20 Jun 2025, 18:15 UTC

A vulnerability was found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /addmem.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-25914 carmelo vulnerability CVSS: 0 17 Mar 2025, 20:15 UTC

SQL injection vulnerability in Online Exam Mastering System v.1.0 allows a remote attacker to execute arbitrary code via the fid parameter

CVE-2024-28279 carmelo vulnerability CVSS: 0 14 May 2024, 15:14 UTC

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via book.php?bookisbn=.

CVE-2024-25250 carmelo vulnerability CVSS: 0 13 Mar 2024, 21:15 UTC

SQL Injection vulnerability in code-projects Agro-School Management System 1.0 allows attackers to run arbitrary code via the Login page.

CVE-2024-24105 carmelo vulnerability CVSS: 0 13 Mar 2024, 21:15 UTC

SQL Injection vulnerability in Code-projects Computer Science Time Table System 1.0 allows attackers to run arbitrary code via adminFormvalidation.php.

CVE-2024-24100 carmelo vulnerability CVSS: 0 27 Feb 2024, 02:15 UTC

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via PublisherID.

CVE-2024-24096 carmelo vulnerability CVSS: 0 27 Feb 2024, 02:15 UTC

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via BookSBIN.

CVE-2024-25251 carmelo vulnerability CVSS: 0 22 Feb 2024, 01:15 UTC

code-projects Agro-School Management System 1.0 is suffers from Incorrect Access Control.