40 matches found
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
PT-2026-22694
Name of the Vulnerable Software and Affected Versions Simple Food Order System version 1.0 Description The Simple Food Order System version 1.0 is susceptible to SQL Injection. The issue is located in the '/food/routers/cancel-order.php' component. The vulnerability allows for potential...
CVE-2026-26713
The CVE-2026-26713 entry affects Simple Food Order System v1.0. It is vulnerable to SQL Injection in /food/routers/cancel-order.php due to improper input handling in a database query. Impact is rated High for confidentiality, integrity, and availability (CVSS v3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:...
Code-Projects Simple Food Order System SQL注入漏洞
Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System has a SQL injection vulnerability; this vulnerability stems from the file/food/routers/cancel-order.php being vulnerable to...
EUVD-2026-9261
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2025-51626
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
CVE-2025-51626
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
CVE-2025-51626
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
EUVD-2026-1681
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
PT-2026-1812
Name of the Vulnerable Software and Affected Versions pss.sale.com version 1.0 Description A SQL injection issue exists in pss.sale.com version 1.0. The issue is located in the userfiles/php/cancel order.php endpoint, specifically through the id parameter. Exploitation of this issue could allow a...
pss.sale.com 安全漏洞
pss.sale.com is a merchandising system by the individual developer XiaoLiuChu in China. A security vulnerability exists in version 1.0 of pss.sale.com, which stems from an incorrect manipulation of the parameter id in the endpoint userfiles/php/cancelorder.php, which could lead to a SQL injection...
CVE-2025-51626
CVE-2025-51626 affects pss.sale.com 1.0. The issue is a SQL injection in the endpoint /userfiles/php/cancel_order.php via the id parameter, caused by improper handling of input. Impact stated: potential SQL code injection. Mitigation: Red Hat/ENISA/etc. documents indicate applying a fix for versi...
CVE-2025-51626
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
CVE-2025-13117
A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this vulnerability is the function cancelOrder of the file /order/cancelOrder. The manipulation of the argument orderId leads to improper authorization. The attack can be initiated remotely. The...
CVE-2025-13117
CVE-2025-13117 affects macrozheng mall-swarm up to version 1.0.3, targeting the cancelOrder function in /order/cancelOrder. The issue arises from manipulation of the orderId parameter, causing improper authorization. An attacker can trigger this remotely and public exploitation has been disclosed...