4 matches found
CVE-2025-2387
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely...
CVE-2025-2387
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely...
CVE-2025-2387 SourceCodester Online Food Ordering System ajax.php sql injection
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely...
CVE-2025-2387
SourceCodester Online Food Ordering System 2.0 contains a remote SQL injection in /admin/ajax.php?action=add_to_cart triggered by manipulating pid. The affected component is an unknown function, and the vulnerability is disclosed publicly, enabling exploitation without credentials. The CVE notes ...