Vulnerabilities > Online Food Ordering System Project

DATE CVE VULNERABILITY TITLE RISK
2023-02-06 CVE-2023-24195 Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php.
6.1
2023-02-06 CVE-2023-24197 Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
Online Food Ordering System v2 was discovered to contain a SQL injection vulnerability via the id parameter at view_order.php.
6.1
2023-01-20 CVE-2020-29297 SQL Injection vulnerability in Online Food Ordering System Project Online Food Ordering System 1.0
Multiple SQL Injection vulnerabilities in tourist5 Online-food-ordering-system 1.0.
network
low complexity
online-food-ordering-system-project CWE-89
critical
9.8
2023-01-17 CVE-2023-0332 SQL Injection vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
A vulnerability was found in SourceCodester Online Food Ordering System 2.0.
network
low complexity
online-food-ordering-system-project CWE-89
critical
9.8
2023-01-12 CVE-2023-0256 SQL Injection vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
A vulnerability was found in SourceCodester Online Food Ordering System 2.0.
network
low complexity
online-food-ordering-system-project CWE-89
critical
9.8
2023-01-12 CVE-2023-0257 Unrestricted Upload of File with Dangerous Type vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
A vulnerability was found in SourceCodester Online Food Ordering System 2.0.
network
low complexity
online-food-ordering-system-project CWE-434
critical
9.8
2023-01-12 CVE-2023-0258 Cross-site Scripting vulnerability in Online Food Ordering System Project Online Food Ordering System 2.0
A vulnerability was found in SourceCodester Online Food Ordering System 2.0.
6.1
2022-09-02 CVE-2022-36759 SQL Injection vulnerability in Online Food Ordering System Project Online Food Ordering System 1.0
Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=.
network
low complexity
online-food-ordering-system-project CWE-89
critical
9.8
2022-05-25 CVE-2022-29650 SQL Injection vulnerability in Online Food Ordering System Project Online Food Ordering System 1.0
Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php.
network
low complexity
online-food-ordering-system-project CWE-89
critical
9.8
2022-05-25 CVE-2022-29651 Unrestricted Upload of File with Dangerous Type vulnerability in Online Food Ordering System Project Online Food Ordering System 1.0
An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
7.2