Shodan
Vulnerabilities
Vulnerable Software
Online Ordering System Project:  >> Online Ordering System  Security Vulnerabilities
CVE-2025-7755
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit_product.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-07-17
CVE-2022-36580
An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.009
Published
2022-08-31
CVE-2022-36581
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-08-31
CVE-2022-31355
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-17
CVE-2022-31356
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-17
CVE-2022-31357
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-17
CVE-2022-31327
Online Ordering System By janobe 2.3.2 is vulneranle to SQL Injection via /ordering/index.php?q=products&id=.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-06-02
CVE-2022-31328
Online Ordering System By janobe 2.3.2 has SQL Injection via /ordering/admin/products/index.php?view=edit&id=.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-02
CVE-2022-31329
Online Ordering System By janobe 2.3.2 is vulnerable to SQL Injection via /ordering/admin/orders/loaddata.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-02
CVE-2022-31335
Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/index.php?view=edit&id=.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved