Online Ordering System
by Online Ordering System Project
CVEs (27)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-0883 | 0.00 | — | 0.01 | Feb 17, 2023 | A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php-opos/index.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated… | |||
| CVE-2022-3716 | 0.00 | — | 0.00 | Oct 27, 2022 | A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads… | |||
| CVE-2022-3714 | 0.00 | — | 0.00 | Oct 27, 2022 | A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack… | |||
| CVE-2022-36759 | 0.00 | — | 0.01 | Sep 2, 2022 | Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=. | |||
| CVE-2022-36581 | 0.00 | — | 0.01 | Aug 31, 2022 | Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php. | |||
| CVE-2022-36580 | 0.00 | — | 0.01 | Aug 31, 2022 | An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file. | |||
| CVE-2021-28295 | 0.00 | — | 0.16 | Mar 16, 2021 | Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure. |
- CVE-2023-0883Feb 17, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php-opos/index.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated…
- CVE-2022-3716Oct 27, 2022risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads…
- CVE-2022-3714Oct 27, 2022risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/view_order. The manipulation of the argument id leads to sql injection. It is possible to launch the attack…
- CVE-2022-36759Sep 2, 2022risk 0.00cvss —epss 0.01
Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=.
- CVE-2022-36581Aug 31, 2022risk 0.00cvss —epss 0.01
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php.
- CVE-2022-36580Aug 31, 2022risk 0.00cvss —epss 0.01
An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2021-28295Mar 16, 2021risk 0.00cvss —epss 0.16
Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure.
Page 2 of 2