3 matches found
CVE-2022-31355
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category=...
CVE-2022-31355
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=...
CVE-2022-31355
CVE-2022-31355 affects Online Ordering System v2.3.2, with a SQL injection vulnerability exploitable through /ordering/index.php?q=category&search=. The root cause is lack of input validation on external input leading to SQL statement manipulation, enabling an attacker to access or modify data. D...