ReportizFlow
Filtered by vendor Oretnom23
Subscriptions
Filtered by product Online Food Ordering System
Subscriptions
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0258 | 1 Oretnom23 | 1 Online Food Ordering System | 2026-03-30 | 2.4 Low |
| A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Category List Handler. The manipulation of the argument Reason with the input "><script>prompt(1)</script> leads to cross site scripting. The attack may be launched remotely. VDB-218186 is the identifier assigned to this vulnerability. | ||||
| CVE-2020-29297 | 1 Oretnom23 | 1 Online Food Ordering System | 2026-03-30 | 9.8 Critical |
| Multiple SQL Injection vulnerabilities in tourist5 Online-food-ordering-system 1.0. | ||||
| CVE-2022-29651 | 1 Oretnom23 | 1 Online Food Ordering System | 2026-03-30 | 7.2 High |
| An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2023-24191 | 1 Oretnom23 | 1 Online Food Ordering System | 2026-03-30 | 6.1 Medium |
| Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php. | ||||
| CVE-2023-24646 | 1 Oretnom23 | 1 Online Food Ordering System | 2026-03-30 | 9.8 Critical |
| An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2023-0332 | 1 Oretnom23 | 1 Online Food Ordering System | 2026-03-30 | 7.3 High |
| A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file admin/manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-218472. | ||||
| CVE-2023-24194 | 1 Oretnom23 | 1 Online Food Ordering System | 2026-03-30 | 6.1 Medium |
| Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in navbar.php. | ||||
| CVE-2023-24195 | 1 Oretnom23 | 1 Online Food Ordering System | 2026-03-30 | 6.1 Medium |
| Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php. | ||||
| CVE-2025-2387 | 1 Oretnom23 | 1 Online Food Ordering System | 2025-05-28 | 7.3 High |
| A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||