14 matches found
EUVD-2023-23709
Malicious code in bioql PyPI...
CVE-2023-5423 SourceCodester Online Pizza Ordering System sql injection
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirmorder. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely...
CVE-2023-30092
SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter...
CVE-2023-2246 SourceCodester Online Pizza Ordering System unrestricted upload
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=savesettings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated...
CVE-2023-1460
A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=saveuser of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to...
CVE-2023-1460 SourceCodester Online Pizza Ordering System Password Change improper authentication
A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file admin/ajax.php?action=saveuser of the component Password Change Handler. The manipulation leads to improper authentication. It is possible to...
CVE-2023-1455
A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com' AND SELECT 9110 FR...
CVE-2023-1364
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file category.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The...
CVE-2023-0987
A vulnerability classified as problematic was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file index.php?page=checkout. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed...
CVE-2023-0988
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. The attack may be initiated remotel...
Cross site scripting
A vulnerability classified as problematic was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file index.php?page=checkout. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed...
CVE-2023-0988 SourceCodester Online Pizza Ordering System cross-site request forgery
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=saveuser. The manipulation leads to cross-site request forgery. The attack may be initiated remotel...
Sql injection
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file viewprod.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...
CVE-2023-0883
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php-opos/index.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has...