27 matches found
EUVD-2026-16959
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be...
CVE-2026-5019
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be...
Code-Projects Simple Food Order System SQL注入漏洞
Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the code-projects Simple Food Order System has a SQL injection vulnerability. This vulnerability arises from an unknown function in the all-orders.php file used by the...
CVE-2026-5019
The CVE-2026-5019 issue affects code-projects’ Simple Food Order System 1.0, specifically the all-orders.php in the Parameter Handler. The vulnerability arises from manipulating the Status parameter, enabling a SQL injection. A remote attack is possible, and public exploit details have been discl...
CVE-2026-5019 code-projects Simple Food Order System Parameter all-orders.php sql injection
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be...
CVE-2026-5019 code-projects Simple Food Order System Parameter all-orders.php sql injection
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be...
CVE-2026-5019
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be...
PT-2026-28733
Name of the Vulnerable Software and Affected Versions code-projects Simple Food Order System version 1.0 Description A security issue exists in code-projects Simple Food Order System version 1.0 related to SQL injection. The issue is located in the all-orders.php file within the Parameter Handler...
CVE-2025-11604
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
EUVD-2025-33866
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2025-11604
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2025-11604
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2025-11604 projectworlds Online Ordering Food System all-orders.php sql injection
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2025-11604
CVE-2025-11604 affects ProjectWorlds Online Ordering Food System 1.0. The vulnerability arises from improper handling of the Status parameter in /all-orders.php, allowing an SQL injection via remote exploitation. Public exploit disclosed. Multiple sources (NVD, Red Hat, EUVD, CNNVD, CVE listing) ...
CVE-2025-11604 projectworlds Online Ordering Food System all-orders.php sql injection
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
Projectworlds Online Ordering Food System SQL注入漏洞
Projectworlds Online Ordering Food System is an online ordering food system from Projectworlds. A SQL injection vulnerability exists in Projectworlds Online Ordering Food System version 1.0, which stems from an incorrect manipulation of the parameter Status in the file /all-orders.php, which coul...
PT-2025-41690
Name of the Vulnerable Software and Affected Versions ProjectWorlds Online Ordering Food System version 1.0 Description A SQL injection issue exists due to improper processing of the Status argument in the /all-orders.php file. Remote exploitation is possible. The exploit has been publicly...
CVE-2024-12315
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.3 via the exports directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in t...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...
CVE-2023-36643
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function...