10 matches found
CVE-2026-4533
CVE-2026-4533 affects code-projects Simple Food Ordering System 1.0. The vulnerability is in the all-tickets.php file where manipulating the Status parameter results in an SQL injection, with remote exploitation possible. Exploitation details are reported across multiple sources (NVD, Red Hat, CI...
CVE-2026-5017
CVE-2026-5017 affects code-projects Simple Food Order System 1.0, specifically the Parameter Handler’s file /all-tickets.php. Affected behavior: manipulation of the Status parameter can cause SQL injection, with remote exploitation and the exploit publicly released. Remediation guidance present i...
CVE-2026-5018
CVE-2026-5018 concerns code-projects Simple Food Order System 1.0. The vulnerability lies in an unknown function within the Parameter Handler’s register-router.php, where manipulating the Name argument can cause SQL injection. The attack is remote, and exploit code is publicly available. Several ...
CVE-2026-4319
CVE-2026-4319 affects code-projects Simple Food Order System 1.0. The vulnerability targets an unknown functionality in /routers/add-item.php where manipulating the price argument enables SQL injection. Exploitation can be performed remotely, and public exploits exist. The available data does not...
CVE-2026-5019
The CVE-2026-5019 issue affects code-projects’ Simple Food Order System 1.0, specifically the all-orders.php in the Parameter Handler. The vulnerability arises from manipulating the Status parameter, enabling a SQL injection. A remote attack is possible, and public exploit details have been discl...
CVE-2026-26712
CVE-2026-26712 affects code-projects Simple Food Order System v1.0. The vulnerability is SQL Injection in /food/view-ticket-admin.php, caused by insufficient input handling in the application’s SQL queries. The CVSS v3.1 metrics indicate a CRITICAL severity (Base Score 9.8) with network attack ve...
CVE-2026-26713
The CVE-2026-26713 entry affects Simple Food Order System v1.0. It is vulnerable to SQL Injection in /food/routers/cancel-order.php due to improper input handling in a database query. Impact is rated High for confidentiality, integrity, and availability (CVSS v3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:...
CVE-2026-26710
CVE-2026-26710 affects code-projects Simple Food Order System v1.0 with a SQL Injection vulnerability in /food/routers/edit-orders.php. The issue is documented across multiple connected sources, which identify the vulnerability as SQL Injection and indicate a high-severity impact (CVSS v3.1: 9.8,...
CVE-2026-26711
CVE-2026-26711 affects code-projects Simple Food Order System v1.0 and is due to an SQL Injection vulnerability in /food/view-ticket.php. The available documents state the root cause is unsafe SQL query construction leading to data disclosure/ tampering. CVSS v3.1 base score is 9.8 (CRITICAL), wi...
CVE-2026-4532
CVE-2026-4532 affects the code-projects Simple Food Ordering System (up to version 1.0). The vulnerability targets the file system via the /food/sql/food.sql component of the Database Backup Handler. It reports that manipulation can make files or directories accessible and that the attack can be ...