PT-2026-28407

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/manage category.php via the "id" parameter...

CVE-2026-4472

A security vulnerability has been detected in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /admin/admineditsupplier.php. The manipulation of the argument SupplierName leads to sql injection. The attack can be initiated remotely. The...

CVE-2026-4470

A security flaw has been discovered in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this issue is some unknown functionality of the file /admin/admineditmenu.php. Performing a manipulation of the argument productname results in sql injection. It is possible to initiate the...

EUVD-2026-13565

A security flaw has been discovered in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this issue is some unknown functionality of the file /admin/admineditmenu.php. Performing a manipulation of the argument productname results in sql injection. It is possible to initiate the...

CVE-2026-4471

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admineditemployee.php. Executing a manipulation of the argument FirstName can lead to sql injection. It is possible to launch the attack remotely. The exploit ha...

CVE-2026-4471

CVE-2026-4471 affects itsourcecode Online Frozen Foods Ordering System 1.0. The vulnerability is in the /admin/admin_edit_employee.php component where manipulating the First_Name argument can cause a SQL injection. The issue is exploitable remotely and public exploits exist. No remediation/patch ...

CVE-2026-4470 itsourcecode Online Frozen Foods Ordering System admin_edit_menu.php sql injection

A security flaw has been discovered in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this issue is some unknown functionality of the file /admin/admineditmenu.php. Performing a manipulation of the argument productname results in sql injection. It is possible to initiate the...

CVE-2026-4470

Affects itsourcecode Online Frozen Foods Ordering System 1.0. The vulnerable component is the admin_edit_menu.php file (specifically the product_name parameter). The issue manifests as a SQL injection due to manipulation of the argument, enabling remote exploitation. Public exploits have been rel...

CVE-2026-4469 itsourcecode Online Frozen Foods Ordering System admin_edit_menu_action.php sql injection

A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admineditmenuaction.php. Such manipulation of the argument productname leads to sql injection. The attack may be performed from...

itsourcecode Online Frozen Foods Ordering System SQL注入漏洞

itsourcecode Online Frozen Foods Ordering System is an open-source online frozen food ordering system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from incorrect handling of the parameter FirstName in the file admin/admin/editemployee.php. Th...

PT-2026-26564

A security vulnerability has been detected in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /admin/admin edit supplier.php. The manipulation of the argument Supplier Name leads to sql injection. The attack can be initiated remotely. The...

CVE-2026-24494

SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted storeid parameter in a POST request...

Online Ordering System 安全漏洞

The Online Ordering System is a multi-store ordering system developed by Janobe’s individual developer. It can be used by any small business. Version 1.0 of the Online Ordering System has a security vulnerability. This vulnerability stems from the API/integrations/getintegrations endpoint, where...

CVE-2026-2136

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

CVE-2026-2136

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

CVE-2026-2136 projectworlds Online Food Ordering System view-ticket.php sql injection

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

CVE-2021-28294

Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution RCE...

CVE-2022-31335

Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/index.php?view=edit=...

CVE-2022-31357

Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit=...

CVE-2022-31327

Online Ordering System By janobe 2.3.2 is vulneranle to SQL Injection via /ordering/index.php?q=products=...