22 matches found
CVE-2026-5017
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...
EUVD-2026-16953
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...
CVE-2026-5017
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...
CVE-2026-5017
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...
CVE-2026-5017 code-projects Simple Food Order System Parameter all-tickets.php sql injection
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...
CVE-2026-5017
CVE-2026-5017 affects code-projects Simple Food Order System 1.0, specifically the Parameter Handler’s file /all-tickets.php. Affected behavior: manipulation of the Status parameter can cause SQL injection, with remote exploitation and the exploit publicly released. Remediation guidance present i...
CVE-2026-5017 code-projects Simple Food Order System Parameter all-tickets.php sql injection
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...
PT-2026-28731
Name of the Vulnerable Software and Affected Versions code-projects Simple Food Order System version 1.0 Description A security flaw exists in code-projects Simple Food Order System version 1.0. The issue resides in the Parameter Handler component, specifically within the file /all-tickets.php...
Code-Projects Simple Food Order System SQL注入漏洞
Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System has a SQL injection vulnerability. This vulnerability stems from an unknown function in the Component Parameter Handler’s fi...
CVE-2026-4533
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-4533
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-4533 code-projects Simple Food Ordering System all-tickets.php sql injection
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-4533
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-4533 code-projects Simple Food Ordering System all-tickets.php sql injection
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
EUVD-2026-14271
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2026-4533
CVE-2026-4533 affects code-projects Simple Food Ordering System 1.0. The vulnerability is in the all-tickets.php file where manipulating the Status parameter results in an SQL injection, with remote exploitation possible. Exploitation details are reported across multiple sources (NVD, Red Hat, CI...
PT-2026-26963
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...
CVE-2025-10039 ELEX WordPress HelpDesk & Customer Ticketing System <= 3.2.9 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'eh_crm_ticket_single_view_client'
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.9 via the 'ehcrmticketsingleviewclient' due to missing validation on a user controlled key. This makes it possible for...
WordPress plugin ELEX WordPress HelpDesk & Customer Ticketing System 安全漏洞
WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin is a helpdesk and customer work order system plugin for WordPress websites designed to help businesses or individuals efficiently manage customer support requests. The WordPress ELEX WordPress HelpDesk & Customer Ticketing Syste...
CVE-2024-5860
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tcdldeletetickets AJAX action in all versions up to, and including, 3.5.2.8. This makes it possible for authenticated attackers, with Subscriber-level...