CVE-2026-9445

CVE-2026-9445 affects SourceCodester Simple POS and Inventory System 1.0. The vulnerability is in an unrestricted upload through the /admin/addproduct.php file (File Extension Handler); manipulating the image argument enables remote code upload. Impact and exploitation details indicate remote exp...

CVE-2025-15049

A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-15049 code-projects Online Farm System addProduct.php sql injection

A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

CVE-2025-12378

The CVE-2025-12378 entry corresponds to a vulnerability in code-projects Simple Food Ordering System 1.0, specifically in the upload handling of the parameter photo via /addproduct.php. The issue arises from lack of validation of uploaded files, allowing unrestricted upload when manipulating the ...

CVE-2025-11612

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. This impacts an unknown function of the file /addproduct.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

Online Food Ordering System Code Issue Vulnerability

Online Food Ordering System is an online food ordering system developed by Carlo Montero, an individual developer. A code issue exists in version 1.0 of the Online Food Ordering System due to an unrestricted file upload vulnerability in the /addproduct.php file...