Show filters
21 Total Results
Displaying 11-20 of 21
Sort by:
Attacker Value
Unknown
CVE-2023-45341
Disclosure Date: November 02, 2023 (last updated December 01, 2023)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The '*_price' parameter of the routers/menu-router.php resource does not validate the characters received and they are sent unfiltered to the database.
0
Attacker Value
Unknown
CVE-2023-45340
Disclosure Date: November 02, 2023 (last updated December 01, 2023)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/details-router.php resource does not validate the characters received and they are sent unfiltered to the database.
0
Attacker Value
Unknown
CVE-2023-45336
Disclosure Date: November 02, 2023 (last updated December 01, 2023)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the routers/router.php resource does not validate the characters received and they are sent unfiltered to the database.
0
Attacker Value
Unknown
CVE-2023-45334
Disclosure Date: November 02, 2023 (last updated November 10, 2023)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'status' parameter of the routers/edit-orders.php resource does not validate the characters received and they are sent unfiltered to the database.
0
Attacker Value
Unknown
CVE-2023-45325
Disclosure Date: November 02, 2023 (last updated November 10, 2023)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'address' parameter of the routers/add-users.php resource does not validate the characters received and they are sent unfiltered to the database.
0
Attacker Value
Unknown
CVE-2023-45323
Disclosure Date: November 02, 2023 (last updated November 10, 2023)
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter of the routers/add-item.php resource does not validate the characters received and they are sent unfiltered to the database.
0
Attacker Value
Unknown
CVE-2023-27073
Disclosure Date: March 14, 2023 (last updated October 08, 2023)
A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request.
0
Attacker Value
Unknown
CVE-2020-29297
Disclosure Date: January 20, 2023 (last updated November 02, 2023)
Multiple SQL Injection vulnerabilities in tourist5 Online-food-ordering-system 1.0.
0
Attacker Value
Unknown
CVE-2022-36759
Disclosure Date: September 02, 2022 (last updated October 08, 2023)
Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=.
0
Attacker Value
Unknown
CVE-2022-29651
Disclosure Date: May 25, 2022 (last updated February 23, 2025)
An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
0
