Vulnerabilities > Projectworlds > Online Food Ordering System > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-02 | CVE-2023-45344 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
| 2023-11-02 | CVE-2023-45343 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
| 2023-11-02 | CVE-2023-45342 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
| 2023-11-02 | CVE-2023-45341 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
| 2023-11-02 | CVE-2023-45340 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
| 2023-11-02 | CVE-2023-45336 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
| 2023-11-02 | CVE-2023-45334 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
| 2023-11-02 | CVE-2023-45325 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
| 2023-11-02 | CVE-2023-45323 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter of the routers/add-item.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 |