VYPR
Vendor

Order Up

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2026-24494CriFeb 23, 2026
    risk 0.64cvss 9.8epss 0.00

    SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request.

  • CVE-2024-46293Sep 30, 2024
    risk 0.00cvss epss 0.00

    Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does…

  • CVE-2024-32167Jun 10, 2024
    risk 0.00cvss epss 0.01

    Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion vulnerability as the backend settings have the function of deleting pictures to delete any files.

  • CVE-2023-1392Mar 14, 2023
    risk 0.00cvss epss 0.01

    A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is the function save_menu. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been…

  • CVE-2023-0987Feb 23, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file index.php?page=checkout. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit…