Oretnom23 Online_food_ordering_system

29 CVEs affecting Oretnom23 Online_food_ordering_system. Latest disclosed: 2026-03-27. Critical: 9, High: 9.

Top CVEs affecting Oretnom23 Online_food_ordering_system
CVESeverityScorePublishedSummary
CVE-2026-30533Critical9.82026-03-27A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage_product.php file via the "id" parameter.
CVE-2026-30532Critical9.82026-03-27A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/view_product.php file via the "id" parameter.
CVE-2026-30530Critical9.82026-03-27A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_customer action). The ap…
CVE-2023-30122Critical9.82023-05-05An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitr…
CVE-2023-24646Critical9.82023-02-13An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a craft…
CVE-2020-29297Critical9.82023-01-20Multiple SQL Injection vulnerabilities in tourist5 Online-food-ordering-system 1.0.
CVE-2022-36759Critical9.82022-09-02Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=.
CVE-2022-29650Critical9.82022-05-25Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php.
CVE-2021-41644Critical9.82021-10-29Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image up…
CVE-2026-30531High8.82026-03-27A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_category action). The ap…
CVE-2026-30529High8.82026-03-27A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_user action). The applic…
CVE-2026-30534High8.32026-03-27A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/manage_category.php via the "id" parameter.
CVE-2023-24647High7.52023-02-13Food Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.
CVE-2025-2387High7.32025-03-17A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /a…
CVE-2024-0247High7.32024-01-05A vulnerability classified as critical was found in CodeAstro Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /admin/ of t…
CVE-2023-1432High7.32023-03-16A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some unknown functionality of…
CVE-2023-0332High7.32023-01-17A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file ad…
CVE-2022-29651High7.22022-05-25An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafte…
CVE-2023-27073Medium6.52023-03-14A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request.
CVE-2023-0256Medium6.32023-01-12A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /f…