Lucene search
K
CarmeloSimple Food Order System

10 matches found

CVE
CVE
added 2026/03/22 2:2 a.m.23 views

CVE-2026-4533

CVE-2026-4533 affects code-projects Simple Food Ordering System 1.0. The vulnerability is in the all-tickets.php file where manipulating the Status parameter results in an SQL injection, with remote exploitation possible. Exploitation details are reported across multiple sources (NVD, Red Hat, CI...

8.8CVSS6.5AI score0.00301EPSS
CVE
CVE
added 2026/03/28 10:30 p.m.23 views

CVE-2026-5017

CVE-2026-5017 affects code-projects Simple Food Order System 1.0, specifically the Parameter Handler’s file /all-tickets.php. Affected behavior: manipulation of the Status parameter can cause SQL injection, with remote exploitation and the exploit publicly released. Remediation guidance present i...

9.8CVSS6.9AI score0.00333EPSS
CVE
CVE
added 2026/03/28 10:30 p.m.22 views

CVE-2026-5018

CVE-2026-5018 concerns code-projects Simple Food Order System 1.0. The vulnerability lies in an unknown function within the Parameter Handler’s register-router.php, where manipulating the Name argument can cause SQL injection. The attack is remote, and exploit code is publicly available. Several ...

9.8CVSS6.9AI score0.00345EPSS
CVE
CVE
added 2026/03/17 5:2 p.m.14 views

CVE-2026-4319

CVE-2026-4319 affects code-projects Simple Food Order System 1.0. The vulnerability targets an unknown functionality in /routers/add-item.php where manipulating the price argument enables SQL injection. Exploitation can be performed remotely, and public exploits exist. The available data does not...

9.8CVSS7AI score0.00326EPSS
Web
CVE
CVE
added 2026/03/28 11:30 p.m.14 views

CVE-2026-5019

The CVE-2026-5019 issue affects code-projects’ Simple Food Order System 1.0, specifically the all-orders.php in the Parameter Handler. The vulnerability arises from manipulating the Status parameter, enabling a SQL injection. A remote attack is possible, and public exploit details have been discl...

9.8CVSS6.9AI score0.00449EPSS
CVE
CVE
added 2026/03/02 12:0 a.m.12 views

CVE-2026-26712

CVE-2026-26712 affects code-projects Simple Food Order System v1.0. The vulnerability is SQL Injection in /food/view-ticket-admin.php, caused by insufficient input handling in the application’s SQL queries. The CVSS v3.1 metrics indicate a CRITICAL severity (Base Score 9.8) with network attack ve...

9.8CVSS6AI score0.00319EPSS
CVE
CVE
added 2026/03/02 12:0 a.m.12 views

CVE-2026-26713

The CVE-2026-26713 entry affects Simple Food Order System v1.0. It is vulnerable to SQL Injection in /food/routers/cancel-order.php due to improper input handling in a database query. Impact is rated High for confidentiality, integrity, and availability (CVSS v3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:...

9.8CVSS6AI score0.0033EPSS
CVE
CVE
added 2026/03/02 12:0 a.m.11 views

CVE-2026-26710

CVE-2026-26710 affects code-projects Simple Food Order System v1.0 with a SQL Injection vulnerability in /food/routers/edit-orders.php. The issue is documented across multiple connected sources, which identify the vulnerability as SQL Injection and indicate a high-severity impact (CVSS v3.1: 9.8,...

9.8CVSS6AI score0.00337EPSS
CVE
CVE
added 2026/03/02 12:0 a.m.11 views

CVE-2026-26711

CVE-2026-26711 affects code-projects Simple Food Order System v1.0 and is due to an SQL Injection vulnerability in /food/view-ticket.php. The available documents state the root cause is unsafe SQL query construction leading to data disclosure/ tampering. CVSS v3.1 base score is 9.8 (CRITICAL), wi...

9.8CVSS6AI score0.00325EPSS
CVE
CVE
added 2026/03/22 1:32 a.m.9 views

CVE-2026-4532

CVE-2026-4532 affects the code-projects Simple Food Ordering System (up to version 1.0). The vulnerability targets the file system via the /food/sql/food.sql component of the Database Backup Handler. It reports that manipulation can make files or directories accessible and that the attack can be ...

7.5CVSS5.5AI score0.00453EPSS