5 matches found
CVE-2024-5636
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to SQL injection. The attack may be launched remotely. The...
CVE-2022-30797
CVE-2022-30797 affects Online Ordering System 1.0 (admin/vieworders.php) and is caused by an SQL injection vulnerability. The affected component is the web application's admin view orders interface; the root cause is improper input handling/validation on that page. Documented impact includes potentia...
CVE-2021-28294
CVE-2021-28294 affects Online Ordering System 1.0. The vulnerability is an arbitrary file upload via the endpoint /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE). Several connected sources corroborate the RCE risk and the specific upload vector; an expl...
Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated) Vulnerability
Exploit Title: Online Ordering System 1.0 - Blind SQL Injection Unauthenticated | Exploit Author: Suraj Bhosale | Vendor Homepage: https://www.sourcecodester.com | Software Link: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html | Version: v1.0 | Vulnerable endpoint:...
Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution Vulnerability
Exploit Title: Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution | Exploit Author: Suraj Bhosale | Vendor Homepage: https://www.sourcecodester.com | Software Link: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html | Version: 1.0 | Tested on Windows...