Lucene search
K

1602 matches found

Positive Technologies
Positive Technologies
added 2026/01/19 12:0 a.m.9 views

PT-2026-3444

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This issue affects some unknown processing of the file /order online.php. Executing a manipulation of the argument product name can lead to sql injection. The attack can be launched remotely. The exploit has...

7.5CVSS5.5AI score0.00335EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.7 views

Itsourcecode Online Frozen Foods Ordering System SQL Injection Vulnerability

itsourcecode Online Frozen Foods Ordering System is an open-source online frozen food ordering system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which arises from incorrect handling of the parameter productname in the file orderonline.php, potentially...

9.8CVSS7.2AI score0.00335EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.8 views

CVE-2021-28294

Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution RCE...

9.8CVSS8AI score0.03728EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.8 views

CVE-2022-31357

Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit=...

9.8CVSS8.3AI score0.01026EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.9 views

CVE-2022-31327

Online Ordering System By janobe 2.3.2 is vulneranle to SQL Injection via /ordering/index.php?q=products=...

9.8CVSS8.1AI score0.01081EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.5 views

CVE-2022-31336

Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/loaddata.php...

9.8CVSS8.1AI score0.01067EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.10 views

CVE-2023-45346

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'role' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.3AI score0.007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.9 views

CVE-2023-45342

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/register-router.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.3AI score0.007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.8 views

CVE-2023-45347

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'verified' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.3AI score0.007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.13 views

CVE-2023-45343

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticketid' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.3AI score0.007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.13 views

CVE-2023-45325

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'address' parameter of the routers/add-users.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.3AI score0.007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.5 views

CVE-2023-45338

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the routers/add-ticket.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.8AI score0.007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.11 views

CVE-2023-45334

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'status' parameter of the routers/edit-orders.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.3AI score0.007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.14 views

CVE-2023-45345

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'deleted' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.3AI score0.007EPSS
Exploits1References1
OSV
OSV
added 2025/12/29 3:15 a.m.2 views

CVE-2025-15167

A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unknown function of the file /detailtransac.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and ma...

9.8CVSS5.7AI score0.00326EPSS
Exploits1References5
OSV
OSV
added 2025/12/29 2:15 a.m.5 views

CVE-2025-15166

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be...

9.8CVSS5.7AI score0.00326EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/29 2:2 a.m.5 views

EUVD-2025-205545

A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unknown function of the file /detailtransac.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and ma...

7.5CVSS6.4AI score0.00326EPSS
Exploits1References6
EUVD
EUVD
added 2025/12/29 1:32 a.m.3 views

EUVD-2025-205539

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be...

7.5CVSS6.5AI score0.00326EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/12/29 1:2 a.m.5 views

CVE-2025-15165 itsourcecode Online Cake Ordering System updatecustomer.php sql injection

A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted element is an unknown function of the file /updatecustomer.php?action=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

7.5CVSS7.2AI score0.00326EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.5 views

itsourcecode Online Cake Ordering System SQL注入漏洞

itsourcecode Online Cake Ordering System is an online cake ordering system from itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Cake Ordering System, which stems from incorrect manipulation of the parameter ID in the file /detailtransac.php,...

9.8CVSS7.8AI score0.00326EPSS
Exploits1References5
Rows per page
Query Builder