Lucene search
+L
Fast Food Ordering System ProjectFast Food Ordering System

15 matches found

cve
cve
added 2022/08/06 6:25 a.m.113 views

CVE-2022-2686

CVE-2022-2686 affects oretnom23 Fast Food Ordering System, with the vulnerability in the Menu List Page where the Description argument can be manipulated to trigger cross-site scripting. The issue can be exploited remotely, and public exploitation details have been disclosed (VDB-205725). Several...

5.4CVSS4.4AI score0.00454EPSS
cve
cve
added 2022/07/14 7:45 p.m.71 views

CVE-2022-32318

The Connected documents confirm a persistent cross-site scripting (XSS) vulnerability in Fast Food Ordering System v1.0, exploitable via the request parameter in /ffos/classes/Master.php?f=save_category. The CVE entry (CVE-2022-32318) identifies the affected product as Fast Food Ordering System v...

5.4CVSS5.3AI score0.00492EPSS
cve
cve
added 2022/06/14 3:17 p.m.71 views

CVE-2022-32332

Fast Food Ordering System v1.0 is vulnerable to SQL Injection in Master.php?f=delete_category due to missing input validation, enabling attackers to manipulate queries and potentially access or exfiltrate data. The sources do not provide a published patch/version for remediation or explicit explo...

7.2CVSS7.4AI score0.00909EPSS
cve
cve
added 2022/06/14 1:2 p.m.70 views

CVE-2022-32336

CVE-2022-32336 concerns the Fast Food Ordering System v1.0, which is vulnerable to SQL Injection via the parameter id in /ffos/admin/menus/view_menu.php. The connected documents corroborate a lack of input validation that allows arbitrary SQL execution against the database, enabling data leakage ...

9.8CVSS9.7AI score0.01026EPSS
cve
cve
added 2022/06/14 3:18 p.m.64 views

CVE-2022-32333

CVE-2022-32333 affects Fast Food Ordering System v1.0. The vulnerability is a SQL Injection in the admin receipt page, disclosed as /ffos/admin/sales/receipt.php?id=. The connected sources confirm a database query manipulation vector exposing Partial/High impact possibilities (per CVSS data, with...

7.2CVSS7.4AI score0.00909EPSS
cve
cve
added 2022/06/14 3:11 p.m.61 views

CVE-2022-32328

CVE-2022-32328 affects Fast Food Ordering System v1.0. The vulnerability is an arbitrary file deletion issue exploitable through the API endpoint /ffos/classes/Master.php?f=delete_img due to insufficient input/permission validation in the delete_img function. Impact statements in sources indicate...

9.1CVSS9AI score0.01147EPSS
cve
cve
added 2022/06/03 2:25 p.m.60 views

CVE-2022-1991

CVE-2022-1991 affects Fast Food Ordering System 1.0, targeting the Master.php Master List. The issue is a cross-site scripting (XSS) vulnerability caused by unsanitized input in the Description parameter (example payload: foo "'>). Exploitation is possible remotely but requires authentication....

4.8CVSS4.4AI score0.00572EPSS
cve
cve
added 2022/06/14 3:14 p.m.56 views

CVE-2022-32330

The CVE-2022-32330 entry concerns Fast Food Ordering System v1.0, where a SQL Injection vulnerability exists in Master.php?f=delete_menu. The connected documents clearly identify the affected application/file path and the underlying flaw (input for SQL statements not being validated), indicating ...

7.2CVSS7.4AI score0.00909EPSS
cve
cve
added 2022/08/27 9:5 a.m.55 views

CVE-2022-3012

CVE-2022-3012 concerns the oretnom23 Fast Food Ordering System. Multiple connected sources confirm a vulnerability in the ffos/admin/reports/index.php component where manipulating the date parameter enables SQL injection. The flaw is exploitable remotely and has been publicly disclosed. Documents...

8.8CVSS7.7AI score0.00613EPSS
cve
cve
added 2022/08/27 9:5 a.m.55 views

CVE-2022-3015

CVE-2022-3015 affects oretnom23 Fast Food Ordering System, specifically the admin/?page=reports handling. The root cause is manipulation of the date parameter, enabling cross-site scripting (XSS). The vulnerability is exploitable remotely; attack complexity is low and no privileges are required, ...

6.1CVSS4.8AI score0.0035EPSS
cve
cve
added 2022/06/14 3:15 p.m.55 views

CVE-2022-32331

CVE-2022-32331 affects Fast Food Ordering System v1.0. The issue is a SQL Injection in /ffos/admin/categories/view_category.php?id=, caused by unsanitized external input in the query. The CVE is corroborated by multiple sources (NVD, Red Hat, CNVD, CNVD-derived CNVD-2022-48950, and others) listin...

7.2CVSS7.4AI score0.00909EPSS
cve
cve
added 2022/06/14 3:20 p.m.54 views

CVE-2022-32334

CVE-2022-32334 affects Fast Food Ordering System v1.0. The vulnerability is an SQL injection in /ffos/admin/categories/manage_category.php?id= due to lack of input validation for the id parameter. Documented impact is SQL data access/exfiltration via the vulnerable parameter (high severity per CV...

7.2CVSS7.4AI score0.00909EPSS
cve
cve
added 2022/06/14 3:21 p.m.52 views

CVE-2022-32335

CVE-2022-32335 affects the Fast Food Ordering System v1.0. The vulnerability is a SQL Injection in /ffos/admin/menus/manage_menu.php?id=, caused by lack of input validation for external SQL statements. Exploitation could allow attackers to access or manipulate database data. Documented impacts ar...

7.2CVSS7.4AI score0.00909EPSS
cve
cve
added 2022/11/01 12:0 a.m.52 views

CVE-2022-43082

CVE-2022-43082 describes an XSS vulnerability in the Fast Food Ordering System v1.0, exploitable via the customer parameter in /fastfood/purchase.php. The issue is tied to the /fastfood/purchase.php endpoint, with the root cause implied as improper handling of user-supplied input. Affected compon...

6.1CVSS5.8AI score0.00473EPSS
cve
cve
added 2022/11/01 12:0 a.m.48 views

CVE-2022-43081

CVE-2022-43081 concerns the product Fast Food Ordering System v1.0 , with a documented vulnerability in the /fastfood/purchase.php component that enables a SQL injection . The connected sources consistently identify this issue as a SQL injection affecting the purchase endpoint; no explicit exploi...

7.5CVSS7.7AI score0.00751EPSS