CVE-2026-9445

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...

CVE-2025-15049

A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-15049 code-projects Online Farm System addProduct.php sql injection

A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

Code-Projects Online Farm System SQL注入漏洞

Code-Projects Online Farm System is a Code-Projects open source online farm system. Code-Projects Online Farm System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter Username in the file /addProduct.php, which could lead to a SQL...

PT-2025-52861

Name of the Vulnerable Software and Affected Versions Online Farm System version 1.0 Description A flaw exists in Online Farm System 1.0 that allows for SQL injection. The issue is located in the /addProduct.php file, specifically through manipulation of the Username argument. This allows for...

Simple Food Ordering System addproduct.php File Upload Vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System has a file upload vulnerability that stems from the lack of valid validation of uploaded files by the parameter photo in the file /addproduct.php. No details of the vulnerability are available at this time...

Simple Food Ordering System addproduct.php file cross-site scripting vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter pname/category/price in the file /addproduct.php, which c...

CVE-2025-12299

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...

CVE-2025-12378

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

PT-2025-44088

Name of the Vulnerable Software and Affected Versions code-projects Simple Food Ordering System version 1.0 Description A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. The issue affects processing of the file /addproduct.php. Manipulation of the photo argumen...

CVE-2025-12299 code-projects Simple Food Ordering System addproduct.php cross site scripting

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...

CVE-2025-12299

CVE-2025-12299 affects code-projects Simple Food Ordering System 1.0. The vulnerability is a cross-site scripting flaw in /addproduct.php, triggered by manipulating the pname, category, or price parameters. It can be exploited remotely, and multiple sources note that public exploits exist. Report...

PT-2025-43992

Name of the Vulnerable Software and Affected Versions code-projects Simple Food Ordering System version 1.0 Description A security flaw exists in code-projects Simple Food Ordering System 1.0. The issue affects unknown code within the /addproduct.php file. Manipulation of the pname/category/price...

Simple Food Ordering System /addproduct.php File SQL Injection Vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter Category in the file /addproduct.php. An attacker can use this...

CVE-2025-11612

CVE-2025-11612 affects the Simple Food Ordering System 1.0, specifically the /addproduct.php script. The root cause is a lack of validation of the Category parameter, allowing an SQL injection that can be exploited remotely. Public exploit details exist. Several connected sources corroborate the ...

CVE-2025-11612 code-projects Simple Food Ordering System addproduct.php sql injection

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. This impacts an unknown function of the file /addproduct.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

CVE-2025-11612 code-projects Simple Food Ordering System addproduct.php sql injection

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. This impacts an unknown function of the file /addproduct.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

Code-Projects Simple Food Ordering System SQL注入漏洞

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter Category in the file /addproduct.php. An attacker can use this...

PT-2025-41698

Name of the Vulnerable Software and Affected Versions Simple Food Ordering System version 1.0 Description A flaw exists in Simple Food Ordering System 1.0 that allows for SQL injection. The issue is located in the /addproduct.php file, specifically through manipulation of the Category argument...

CVE-2023-3183

A vulnerability was found in SourceCodester Performance Indicator System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addproduct.php. The manipulation of the argument prodname leads to cross site scripting. The attack can ...