Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2026/03/31 12:31 a.m.0 views

EUVD-2026-17253

A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected is an unknown function of the file /form/order.php of the component Order Module. Such manipulation of the argument custid leads to cross site scripting. The attack may be performed from remote. The exploit ...

5.3CVSS4.3AI score0.00013EPSS
Exploits0References6
CNNVD
CNNVDadded 2026/03/31 12:0 a.m.3 views

Code-Projects Online Food Ordering System 代码注入漏洞

The Code-Projects Online Food Ordering System is an open-source online ordering system developed by Code-Projects. Version 1.0 of the Code-Projects Online Food Ordering System contains a code injection vulnerability. This vulnerability arises from incorrect handling of the custid parameter in the...

5.3CVSS5.7AI score0.00013EPSS
Exploits0References5
CVE
CVEadded 2026/03/30 11:30 p.m.1 views

CVE-2026-5157

CVE-2026-5157 affects code-projects Online Food Ordering System 1.0, specifically the Order Module’s /form/order.php. The vulnerability arises from manipulating the cust_id argument, enabling cross-site scripting (XSS). Exploitation can be performed remotely, and a public exploit is available. Do...

5.3CVSS4.3AI score0.00013EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/01/09 12:0 a.m.16 views

CVE-2025-51626

SQL injection vulnerability in pss.sale.com 1.0 via the id parameter to the userfiles/php/cancelorder.php endpoint...

0.00012EPSS
Exploits0References2
CNVD
CNVDadded 2025/07/21 12:0 a.m.1 views

Simple Shopping Cart save_order.php File SQL Injection Vulnerability

Simple Shopping Cart is a simple shopping cart system. Simple Shopping Cart suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter orderprice in the file /Customers/saveorder.php. An attacker can exploit this...

9.8CVSS7.9AI score0.00204EPSS
Exploits1References1
OSV
OSVadded 2024/03/04 1:15 a.m.0 views

CVE-2024-2153

A vulnerability, which was classified as critical, was found in SourceCodester Online Mobile Management Store 1.0. This affects an unknown part of the file /admin/orders/vieworder.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

9.8CVSS6.4AI score0.00136EPSS
Exploits1References3
NVD
NVDadded 2023/06/17 10:15 p.m.10 views

CVE-2023-35810

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Second-Order PHP Object Injection vulnerability has been identified in the DocuSign module. By using crafted requests, custom PHP code can be injected and executed through the DocuSign module because of missing...

7.2CVSS7.2AI score0.00337EPSS
Exploits2References3
0day.today
0day.todayadded 2017/12/19 12:0 a.m.28 views

Tuleap 9.6 Second-Order PHP Object Injection Exploit

This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tuleap = 9.6 which could be abused by authenticated users to...

6.5CVSS9.2AI score0.73892EPSS
Exploits6
Rows per page
Query Builder