CVE-2026-9414

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

CVE-2026-9414

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

CVE-2025-13800

A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function setmeshdisconnect of the file /sendorder.cgi. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could b...

CVE-2025-13800 ADSLR NBR1005GPEV2 send_order.cgi set_mesh_disconnect command injection

A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function setmeshdisconnect of the file /sendorder.cgi. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could b...

CVE-2025-13799

A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function apmacfilterdel of the file /sendorder.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2025-13798

A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function apmacfilteradd of the file /sendorder.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The...

CVE-2025-13798

The CVE-2025-13798 issue affects ADSLR NBR1005GPEV2 (version 250814-r037c). It concerns the function ap_macfilter_add in /send_order.cgi, where manipulating the mac argument can trigger a command injection. The vulnerability can be exploited remotely and, according to the sources, an exploit has ...

CVE-2025-13798 ADSLR NBR1005GPEV2 send_order.cgi ap_macfilter_add command injection

A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function apmacfilteradd of the file /sendorder.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The...

PT-2025-48403

Name of the Vulnerable Software and Affected Versions ADSLR NBR1005GPEV2 version 250814-r037c Description A flaw exists in ADSLR NBR1005GPEV2 250814-r037c that allows for remote command injection. The issue is located within the ap macfilter del function of the /send order.cgi file. Manipulation ...

PT-2025-48401

Name of the Vulnerable Software and Affected Versions ADSLR NBR1005GPEV2 version 250814-r037c Description A flaw exists in ADSLR NBR1005GPEV2 250814-r037c. The issue is related to the ap macfilter add function within the /send order.cgi file. Manipulation of the mac argument can result in command...

ADSLR NBR1005GPEV2 安全漏洞

The ADSLR NBR1005GPEV2 is a wireless router from China's Flying Fish Star ADSLR. A security vulnerability exists in the ADSLR NBR1005GPEV2 version 250814-r037c, which stems from the incorrect operation of the parameter mac in the file /sendorder.cgi, which could lead to command injection...

CVE-2025-13291 Campcodes Supplier Management System confirm_order.php sql injection

A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirmorder.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

EUVD-2017-8772

Malware in sbrugna...

CVE-2024-8558

A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the component Price Handler. The manipulation of the argument total leads to improper validation of...

CVE-2025-28100

A SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a attacker to execute arbitrary code via not filtering the content correctly at the "operateOrder.php" id parameter...

PT-2023-16523 · Sourcecodester · Sourcecodester Canteen Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Canteen Management System version 1.0 Description: A critical issue was found in the function query of the file removeOrder.php, where the manipulation of the id argument leads to sql injection. The attack can be initiated...

PHP Scripts Mall Food Order Script SQL Injection Vulnerability

PHP Scripts Mall Food Order Script is a set of PHP based online review and feedback scripts for hotels, restaurants by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Food Order Script version 1.0. A remote attacker can exploit this vulnerability by sending the...

CVE-2017-17614

Food Order Script 1.0 has SQL Injection via the /list city parameter...

CVE-2017-17614

Food Order Script 1.0 has SQL Injection via the /list city parameter...

Sql injection

Food Order Script 1.0 has SQL Injection via the /list city parameter...