Lucene search
+L

2300 matches found

cvelist
cvelist
added 2026/03/28 10:30 p.m.34 views

CVE-2026-5017 code-projects Simple Food Order System Parameter all-tickets.php sql injection

A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...

7.5CVSS0.00333EPSS
Exploits1References5
redhatcve
redhatcve
added 2026/03/28 4:56 a.m.3 views

CVE-2026-30532

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/viewproduct.php file via the "id" parameter...

9.8CVSS6AI score0.0033EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/03/28 4:56 a.m.3 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

8.8CVSS6AI score0.00446EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/03/28 4:56 a.m.4 views

CVE-2026-30530

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecustomer action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL command...

9.8CVSS6AI score0.00476EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/03/28 4:56 a.m.4 views

CVE-2026-30534

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

8.3CVSS6AI score0.00328EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/03/28 4:56 a.m.3 views

CVE-2026-30531

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecategory action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious S...

8.8CVSS6AI score0.00445EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/03/28 4:56 a.m.3 views

CVE-2026-30533

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...

9.8CVSS6AI score0.00394EPSS
Exploits1References1
cnnvd
cnnvd
added 2026/03/28 12:0 a.m.10 views

Code-Projects Simple Food Order System SQL注入漏洞

Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System has a SQL injection vulnerability. This vulnerability stems from improper handling of parameters by the unknown function in...

9.8CVSS7.1AI score0.00345EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2026/03/28 12:0 a.m.10 views

PT-2026-28731

Name of the Vulnerable Software and Affected Versions code-projects Simple Food Order System version 1.0 Description A security flaw exists in code-projects Simple Food Order System version 1.0. The issue resides in the Parameter Handler component, specifically within the file /all-tickets.php...

7.5CVSS5.7AI score0.00333EPSS
Exploits1References7
cnnvd
cnnvd
added 2026/03/28 12:0 a.m.15 views

Code-Projects Simple Food Order System SQL注入漏洞

Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System has a SQL injection vulnerability. This vulnerability stems from an unknown function in the Component Parameter Handler’s fi...

9.8CVSS7.1AI score0.00333EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2026/03/28 12:0 a.m.9 views

PT-2026-28733

Name of the Vulnerable Software and Affected Versions code-projects Simple Food Order System version 1.0 Description A security issue exists in code-projects Simple Food Order System version 1.0 related to SQL injection. The issue is located in the all-orders.php file within the Parameter Handler...

7.5CVSS5.9AI score0.00449EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2026/03/28 12:0 a.m.13 views

PT-2026-28732

Name of the Vulnerable Software and Affected Versions Simple Food Order System version 1.0 Description A flaw exists in Simple Food Order System 1.0 related to the handling of parameters. Specifically, manipulating the Name argument can lead to SQL injection. This issue affects an unknown functio...

7.5CVSS5.8AI score0.00345EPSS
Exploits1References7
redhatcve
redhatcve
added 2026/03/27 10:51 p.m.12 views

CVE-2026-33148

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the FDC USDA FoodData Central search endpoint constructs an upstream API URL by directly interpolating the user-supplied query parameter into the URL string without...

6.5CVSS5.9AI score0.00467EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/03/27 10:51 p.m.6 views

CVE-2026-4898

A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /dbfood/contact.php. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The...

5.3CVSS4.3AI score0.00343EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/27 10:51 p.m.8 views

CVE-2026-4900

A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation causes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to the public and...

6.9CVSS5.8AI score0.00433EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/27 10:51 p.m.8 views

CVE-2026-4899

A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /dbfood/food.php. The manipulation of the argument cuisines results in cross site scripting. It is possible to launch the attack remotely. The...

4.8CVSS4.4AI score0.00293EPSS
Exploits0References1
euvd
euvd
added 2026/03/27 6:31 p.m.4 views

EUVD-2026-16676

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecustomer action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL command...

9.8CVSS6AI score0.00476EPSS
Exploits1References2
euvd
euvd
added 2026/03/27 6:31 p.m.3 views

EUVD-2026-16680

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/viewproduct.php file via the "id" parameter...

9.8CVSS6AI score0.0033EPSS
Exploits1References2
euvd
euvd
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16684

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

8.3CVSS6AI score0.00328EPSS
Exploits1References2
euvd
euvd
added 2026/03/27 6:31 p.m.4 views

EUVD-2026-16674

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

8.8CVSS6AI score0.00446EPSS
Exploits1References2
Rows per page
Query Builder