Lucene search
K

25 matches found

cvelist
cvelist
added 2026/05/29 6:3 p.m.35 views

CVE-2026-47740 Shopper: Authorization bypass in multiple Livewire admin components

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user without the permission required to mutate orders. The order detail actions cancel, mark paid, mark...

8.1CVSS0.00258EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/29 5:58 p.m.34 views

CVE-2026-47744 Shopper: Authorization bypass and RBAC privilege escalation in team settings

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings allowed any authenticated panel user to take over the RBAC system. Settings/Team/Index had no mount authorization. Any authenticated user could load the page and use its public...

9.9CVSS0.00321EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/03 1:48 a.m.4 views

CVE-2026-26710

code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...

9.8CVSS6AI score0.00337EPSS
Exploits1References1
nvd
nvd
added 2026/03/02 7:16 p.m.11 views

CVE-2026-26710

code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...

9.8CVSS0.00337EPSS
Exploits1References1
osv
osv
added 2026/03/02 7:16 p.m.2 views

CVE-2026-26710

code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...

9.8CVSS5.9AI score0.00337EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/03/02 12:0 a.m.3 views

CVE-2026-26710

code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...

6AI score0.00337EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/03/02 12:0 a.m.3 views

CVE-2026-26710

code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...

9.8CVSS6AI score0.00337EPSS
Exploits1References2
cve
cve
added 2026/03/02 12:0 a.m.12 views

CVE-2026-26710

CVE-2026-26710 affects code-projects Simple Food Order System v1.0 with a SQL Injection vulnerability in /food/routers/edit-orders.php. The issue is documented across multiple connected sources, which identify the vulnerability as SQL Injection and indicate a high-severity impact (CVSS v3.1: 9.8,...

9.8CVSS6AI score0.00337EPSS
Exploits1References1Affected Software1
cnnvd
cnnvd
added 2026/03/02 12:0 a.m.7 views

Code-Projects Simple Food Order System SQL注入漏洞

Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System contains an SQL injection vulnerability, which stems from the SQL injection vulnerability present in the...

9.8CVSS5.9AI score0.00337EPSS
Exploits1References2
cvelist
cvelist
added 2026/03/02 12:0 a.m.34 views

CVE-2026-26710

code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...

0.00337EPSS
Exploits1References1
euvd
euvd
added 2026/03/02 12:0 a.m.6 views

EUVD-2026-9254

code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php...

9.8CVSS6AI score0.00337EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/03/02 12:0 a.m.6 views

PT-2026-22685

Name of the Vulnerable Software and Affected Versions code-projects Simple Food Order System version 1.0 Description The Simple Food Order System version 1.0 is susceptible to SQL Injection. This issue affects the /food/routers/edit-orders.php endpoint. The edit-orders.php file is vulnerable,...

9.8CVSS6AI score0.00337EPSS
Exploits1References4
redhatcve
redhatcve
added 2025/11/11 4:47 a.m.5 views

CVE-2025-12931

A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS6.5AI score0.00316EPSS
Exploits1References1
nvd
nvd
added 2025/11/10 5:15 a.m.6 views

CVE-2025-12931

A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS0.00316EPSS
Exploits1References5
osv
osv
added 2025/11/10 5:15 a.m.5 views

CVE-2025-12931

A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.7AI score0.00316EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/11/10 4:32 a.m.5 views

CVE-2025-12931 SourceCodester Food Ordering System edit-orders.php sql injection

A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.8AI score0.00316EPSS
Exploits1References5
euvd
euvd
added 2025/11/10 4:32 a.m.4 views

EUVD-2025-41745

A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.5AI score0.00316EPSS
Exploits1References6
cvelist
cvelist
added 2025/11/10 4:32 a.m.14 views

CVE-2025-12931 SourceCodester Food Ordering System edit-orders.php sql injection

A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS0.00316EPSS
Exploits1References5
cve
cve
added 2025/11/10 4:32 a.m.13 views

CVE-2025-12931

CVE-2025-12931 concerns SourceCodester Food Ordering System 1.0. The vulnerability is a SQL injection in an unknown function of the file /routers/edit-orders.php caused by improper manipulation of the parameter ID. It is exploitable remotely, and the public exploit exists, enabling an attacker to...

9.8CVSS6.4AI score0.00316EPSS
Exploits1References5Affected Software1
cnnvd
cnnvd
added 2025/11/10 12:0 a.m.5 views

SourceCodester Food Ordering System SQL注入漏洞

SourceCodester Food Ordering System is a SourceCodester open source food ordering system. A SQL injection vulnerability exists in SourceCodester Food Ordering System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /routers/edit-orders.php, which could lead to ...

9.8CVSS6.9AI score0.00316EPSS
Exploits1References5
Rows per page
Query Builder