25 matches found
CVE-2026-47740 Shopper: Authorization bypass in multiple Livewire admin components
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user without the permission required to mutate orders. The order detail actions cancel, mark paid, mark...
CVE-2026-47744 Shopper: Authorization bypass and RBAC privilege escalation in team settings
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings allowed any authenticated panel user to take over the RBAC system. Settings/Team/Index had no mount authorization. Any authenticated user could load the page and use its public...
CVE-2026-26710
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...
CVE-2026-26710
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...
CVE-2026-26710
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...
CVE-2026-26710
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...
CVE-2026-26710
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...
CVE-2026-26710
CVE-2026-26710 affects code-projects Simple Food Order System v1.0 with a SQL Injection vulnerability in /food/routers/edit-orders.php. The issue is documented across multiple connected sources, which identify the vulnerability as SQL Injection and indicate a high-severity impact (CVSS v3.1: 9.8,...
Code-Projects Simple Food Order System SQL注入漏洞
Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System contains an SQL injection vulnerability, which stems from the SQL injection vulnerability present in the...
CVE-2026-26710
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...
EUVD-2026-9254
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...
PT-2026-22685
Name of the Vulnerable Software and Affected Versions code-projects Simple Food Order System version 1.0 Description The Simple Food Order System version 1.0 is susceptible to SQL Injection. This issue affects the /food/routers/edit-orders.php endpoint. The edit-orders.php file is vulnerable,...
CVE-2025-12931
A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-12931
A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-12931
A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-12931 SourceCodester Food Ordering System edit-orders.php sql injection
A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...
EUVD-2025-41745
A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-12931 SourceCodester Food Ordering System edit-orders.php sql injection
A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-12931
CVE-2025-12931 concerns SourceCodester Food Ordering System 1.0. The vulnerability is a SQL injection in an unknown function of the file /routers/edit-orders.php caused by improper manipulation of the parameter ID. It is exploitable remotely, and the public exploit exists, enabling an attacker to...
SourceCodester Food Ordering System SQL注入漏洞
SourceCodester Food Ordering System is a SourceCodester open source food ordering system. A SQL injection vulnerability exists in SourceCodester Food Ordering System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /routers/edit-orders.php, which could lead to ...