8 matches found
CVE-2025-4506
CVE-2025-4506 affects Campcodes Online Food Ordering System 1.0. The vulnerability is a SQL injection in the file /routers/menu-router.php, triggered by manipulating the argument 1_price. It is exposed remotely and has been publicly disclosed. Several connected sources corroborate the issue and t...
CVE-2025-4549
CVE-2025-4549 affects Campcodes Online Food Ordering System 1.0. The vulnerability is a SQL injection in /routers/register-router.php triggered by manipulating the Name argument, exploitable remotely. Exploitation has been disclosed publicly. Connected sources (Red Hat, CVE lists, PT-Security) co...
CVE-2025-4507
CVE-2025-4507 affects Campcodes Online Food Ordering System 1.0, with a SQL injection in /routers/add-item.php caused by manipulations of the price argument. The vulnerability can be exploited remotely and a public exploit is disclosed. Multiple connected sources corroborate the issue, listing th...
CVE-2025-4548
CVE-2025-4548 affects Campcodes Online Food Ordering System v1.0. The vulnerability is a SQL injection in an unknown part of /routers/router.php caused by manipulation of the Username argument. Exploitation is possible remotely. Affected component is the router.php handling user input, leading to...
CVE-2025-4492
CVE-2025-4492 concerns Campcodes Online Food Ordering System 1.0, where manipulation of the argument in /routers/ticket-message.php leads to a SQL injection. The vulnerability (remote- exploitable) arises from improper handling of the ticket_id parameter, with multiple connected sources confirmin...
CVE-2025-4489
CVE-2025-4489 affects Campcodes Online Food Ordering System 1.0. A vulnerability exists in the file /routers/user-router.php where manipulation of the t1_verified argument enables SQL injection. The issue is exploitable remotely and, per sources, the exploit has been disclosed publicly. Multiple ...
CVE-2025-4490
Campcodes Online Food Ordering System 1.0 has a SQL injection vulnerability in /view-ticket-admin.php triggered by manipulating the ID parameter. Exploitation can be remote and does not require authentication. Several sources indicate no patch is publicly available yet; mitigations include avoidi...
CVE-2025-4491
The CVE-2025-4491 entry concerns Campcodes Online Food Ordering System 1.0. Affected component: /routers/ticket-status.php. Root cause: manipulation of the ticket_id input enables SQL injection in the backend. Impact: high potential for unauthorized data access or modification; exploitation is re...