CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/03/17 5:2 p.m.•2 views

CVE-2026-4319 code-projects Simple Food Order System add-item.php sql injection

7.5CVSS5.8AI score0.00045EPSS

ATTACKERKB•added 2026/03/17 5:2 p.m.•1 views

CVE-2026-4319

7.5CVSS5.8AI score0.00045EPSS

Exploits1References5Affected Software1

CNNVD•added 2026/03/17 12:0 a.m.•2 views

Code-Projects Simple Food Order System SQL注入漏洞

Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the code-projects Simple Food Order System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the price parameter in the...

9.8CVSS7.2AI score0.00045EPSS

CNNVD•added 2026/01/29 12:0 a.m.•1 views

Bdtask Bhojon All-In-One Restaurant Management System has security vulnerabilities.

Bdtask Bhojon All-In-One Restaurant Management System is a restaurant management system developed by the Bangladeshi company Bdtask. The versions of the Bdtask Bhojon All-In-One Restaurant Management System prior to version 20260116 contained security vulnerabilities. These vulnerabilities were...

5.3CVSS5.8AI score0.00068EPSS

Vulnrichment•added 2026/01/04 9:2 a.m.•4 views

CVE-2026-0576 code-projects Online Product Reservation System Parameter prod.php sql injection

A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing a manipulation of the argument cat/price/name/model/serial results in sql injection. I...

7.5CVSS7.2AI score0.00026EPSS

CNNVD•added 2026/01/04 12:0 a.m.•1 views

Code-Projects Online Product Reservation System SQL注入漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. Code-Projects Online Product Reservation System version 1.0 has a SQL injection vulnerability, which originates from a misuse of the parameter prodid/name/price/model/ in the file...

9.8CVSS7.8AI score0.00026EPSS

CNVD•added 2025/11/20 12:0 a.m.•2 views

Online Shopping Portal product-details.php file SQL Injection Vulnerability

Online Shopping Portal is an online store system. Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the name, summary, review, quality, price, and value parameters in product-details.php. An attacker c...

6.5CVSS8.3AI score0.00037EPSS

CNNVD•added 2025/11/17 12:0 a.m.•3 views

PHPGurukul Online Shopping Portal 安全漏洞

6.5CVSS8.2AI score0.00037EPSS

Exploits1References3

Vulnrichment•added 2025/11/17 12:0 a.m.•2 views

CVE-2024-44664

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the name, summary, review, quality, price, and value parameters in product-details.php...

7.6AI score0.00037EPSS

Exploits1References2

CNVD•added 2025/10/31 12:0 a.m.•2 views

Simple Food Ordering System addproduct.php file cross-site scripting vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter pname/category/price in the file /addproduct.php, which c...

6.1CVSS4.6AI score0.00038EPSS

CNVD•added 2025/10/31 12:0 a.m.•3 views

Simple Food Ordering System editproduct.php file cross-site scripting vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters pname, category, and price in the file /editproduct.php,...

6.1CVSS4.6AI score0.00038EPSS

NVD•added 2025/10/27 8:15 p.m.•2 views

CVE-2025-12315

A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...

9.8CVSS0.00028EPSS

Vulnrichment•added 2025/10/27 5:2 p.m.•1 views

CVE-2025-12299 code-projects Simple Food Ordering System addproduct.php cross site scripting

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...

5.3CVSS4AI score0.00038EPSS

Positive Technologies•added 2025/10/27 12:0 a.m.•3 views

PT-2025-44033

Name of the Vulnerable Software and Affected Versions code-projects Food Ordering System version 1.0 Description A flaw exists in code-projects Food Ordering System 1.0 that allows for SQL injection. The issue is located in the file '/admin/menu.php'. Manipulation of the itemPrice argument can...

9.8CVSS5.2AI score0.00028EPSS

Exploits1References7

CNVD•added 2025/07/21 12:0 a.m.•1 views

Simple Shopping Cart save_order.php File SQL Injection Vulnerability

Simple Shopping Cart is a simple shopping cart system. Simple Shopping Cart suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter orderprice in the file /Customers/saveorder.php. An attacker can exploit this...

9.8CVSS7.9AI score0.00204EPSS

CNVD•added 2025/05/22 12:0 a.m.•2 views

Auto Taxi Stand Management System /admin/auto-taxi-entry-detail.php File SQL Injection Vulnerability

Auto Taxi Stand Management System is an auto cab stand management system. Auto Taxi Stand Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter price in the file...

9.8CVSS8.3AI score0.00277EPSS