Vulnerabilities > Online Food Ordering System Project > Online Food Ordering System

DATE CVE VULNERABILITY TITLE RISK
2024-09-09 CVE-2024-8604 Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0.
6.1
2024-01-05 CVE-2024-0247 SQL Injection vulnerability in Online Food Ordering System Project Online Food Ordering System 1.0
A vulnerability classified as critical was found in CodeAstro Online Food Ordering System 1.0.
network
low complexity
online-food-ordering-system-project CWE-89
critical
9.8
2023-05-05 CVE-2023-30122 Unrestricted Upload of File with Dangerous Type vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
network
low complexity
online-food-ordering-system-project CWE-434
critical
9.8
2023-03-16 CVE-2023-1432 Improper Access Control vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical.
network
low complexity
online-food-ordering-system-project CWE-284
critical
9.8
2023-03-14 CVE-2023-27073 Cross-Site Request Forgery (CSRF) vulnerability in Online Food Ordering System Project Online Food Ordering System 1.0
A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request.
6.5
2023-02-13 CVE-2023-24646 Unrestricted Upload of File with Dangerous Type vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file.
network
low complexity
online-food-ordering-system-project CWE-434
critical
9.8
2023-02-13 CVE-2023-24647 SQL Injection vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
Food Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.
7.5
2023-02-06 CVE-2023-24191 Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php.
6.1
2023-02-06 CVE-2023-24192 Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php.
6.1
2023-02-06 CVE-2023-24194 Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in navbar.php.
6.1