2720 matches found
PT-2026-28401
A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Category management module within the admin panel. The application fails to properly sanitize user input supplied to the "Category Name" field when creating or updating a category. Whe...
PT-2026-28405
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/view product.php file via the "id" parameter...
PT-2026-28403
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the save customer action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL comman...
CVE-2026-30527
A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Category management module within the admin panel. The application fails to properly sanitize user input supplied to the "Category Name" field when creating or updating a category. Whe...
SourceCodester Online Food Ordering System 安全漏洞
The SourceCodester Online Food Ordering System is an open-source online ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the fact that the savecustomer operation in the...
SourceCodester Online Food Ordering System 安全漏洞
The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the improper cleaning of the id parameter in th...
PT-2026-28413
A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity txtqty exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is...
CVE-2026-30529
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...
CVE-2026-30529
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...
CVE-2026-30531
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecategory action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious S...
SourceCodester Online Food Ordering System 安全漏洞
The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the improper cleaning of the id parameter in th...
CVE-2026-30533
CVE-2026-30533 targets SourceCodester Online Food Ordering System v1.0. The vulnerability is a SQL Injection in admin/manage_product.php via the id parameter. Reported metrics show CVSS v3.1 base score 9.8 (CRITICAL, NETWORK vector, no user interaction). Affected component: admin/manage_product.p...
CVE-2026-30534
SourceCodester Online Food Ordering System v1.0 is affected by a SQL Injection in admin/manage_category.php via the id parameter. The CVE entry provides no vendor-specific remediation in the connected docs; CVSS v3.1 base score is 8.3 (HIGH) with network attack vector, low attack complexity, priv...
CVE-2026-30532
CVE-2026-30532 describes a SQL Injection vulnerability in SourceCodester Online Food Ordering System v1.0, exposed via the admin/view_product.php file when using the id parameter. The vulnerability is documented as affecting the admin view_Product flow, with the root cause being unsafe constructi...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
CVE-2026-30531
The CVE-2026-30531 entry affects SourceCodester Online Food Ordering System v1.0, specifically the Actions.php save_category action. The issue stems from improper sanitization of the name parameter, enabling SQL injection by an authenticated attacker. Impact described in the sources includes high...
CVE-2026-4900
A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation causes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to the public and...
CVE-2026-4899
A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /dbfood/food.php. The manipulation of the argument cuisines results in cross site scripting. It is possible to launch the attack remotely. The...
CVE-2026-4898
A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /dbfood/contact.php. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2026-4900 code-projects Online Food Ordering System localhost.sql privilege escalation
A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation causes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to the public and...