CVE-2026-24494

SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted storeid parameter in a POST request...

CVE-2026-24494

SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted storeid parameter in a POST request...

CVE-2026-24494 SQL injection vulnerability in Order Up Online Ordering System

SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted storeid parameter in a POST request...

CVE-2026-24494

SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted storeid parameter in a POST request...

CVE-2026-24494

CVE-2026-24494 : A SQL injection vulnerability affects Order Up Online Ordering System 1.0 via the POST /api/integrations/getintegrations endpoint, exploitable by an unauthenticated attacker through a crafted store_id parameter to access sensitive backend data. The root cause is improper handling...