Online Ordering System Project: >> Online Ordering System >> 1.0 Security Vulnerabilities
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit_product.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-07-17
Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-02
Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php.
CVSS Score
9.8
EPSS Score
0.01
Published
2021-07-22
Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE).
CVSS Score
9.8
EPSS Score
0.026
Published
2021-03-16
Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-03-16