44 matches found
EUVD-2026-42561
The CorvusPay WooCommerce Payment Gateway plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.7.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers t...
CVE-2026-14694
A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancelorder of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible...
EUVD-2026-41716
A flaw has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this vulnerability is the function cancelorder of the file classes/Master.php. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit h...
CVE-2026-14693
A flaw has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this vulnerability is the function cancelorder of the file classes/Master.php. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit h...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
PT-2026-22694
Name of the Vulnerable Software and Affected Versions Simple Food Order System version 1.0 Description The Simple Food Order System version 1.0 is susceptible to SQL Injection. The issue is located in the '/food/routers/cancel-order.php' component. The vulnerability allows for potential...
CVE-2026-26713
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
Code-Projects Simple Food Order System SQL注入漏洞
Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System has a SQL injection vulnerability; this vulnerability stems from the file/food/routers/cancel-order.php being vulnerable to...
CVE-2026-26713
The CVE-2026-26713 entry affects Simple Food Order System v1.0. It is vulnerable to SQL Injection in /food/routers/cancel-order.php due to improper input handling in a database query. Impact is rated High for confidentiality, integrity, and availability (CVSS v3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:...
EUVD-2026-9261
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php...
CVE-2025-51626
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
CVE-2025-51626
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
CVE-2025-51626
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
EUVD-2026-1681
SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...
pss.sale.com 安全漏洞
pss.sale.com is a merchandising system by the individual developer XiaoLiuChu in China. A security vulnerability exists in version 1.0 of pss.sale.com, which stems from an incorrect manipulation of the parameter id in the endpoint userfiles/php/cancelorder.php, which could lead to a SQL injection...
PT-2026-1812
Name of the Vulnerable Software and Affected Versions pss.sale.com version 1.0 Description A SQL injection issue exists in pss.sale.com version 1.0. The issue is located in the userfiles/php/cancel order.php endpoint, specifically through the id parameter. Exploitation of this issue could allow a...