GCVE - cpe:2.3:a:fabian:online_ordering_system:1.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:fabian:online_ordering_system:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Fabian (`fbf7922e-b691-5c28-8717-83ed5e15ae54`)
Product	Online Ordering System (`b70281b8-95f6-5df2-9222-7405a8ab4f70`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-8256`	vulnerable	2026-06-03 15:13:43.206627	code-projects Online Ordering System product.php unrestricted upload MEDIUM (6.3) A vulnerability classified as critical has been found in code-projects Online Ordering System 1.0. Affected is an unknown function of the file /admin/product.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-07-28T04:02:04.909Z Updated: 2025-07-28T16:07:15.035Z Open on db.gcve.eu Reference links https://vuldb.com/?id.317844 https://vuldb.com/?ctiid.317844 https://vuldb.com/?submit.623446 https://github.com/zzb1388/cve/issues/28 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-8248`	vulnerable	2026-06-03 15:13:43.203101	code-projects Online Ordering System signup.php sql injection HIGH (7.3) A vulnerability classified as critical was found in code-projects Online Ordering System 1.0. This vulnerability affects unknown code of the file /signup.php. The manipulation of the argument firstname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. Published: 2025-07-28T00:02:06.348Z Updated: 2025-07-28T17:16:24.252Z Open on db.gcve.eu Reference links https://vuldb.com/?id.317836 https://vuldb.com/?ctiid.317836 https://vuldb.com/?submit.622392 https://github.com/xiajian-qx/cve-xiajian/issues/2 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-8236`	vulnerable	2026-06-03 15:13:43.182933	code-projects Online Ordering System edit_product.php sql injection HIGH (7.3) A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-07-27T17:32:04.928Z Updated: 2025-07-28T17:06:42.120Z Open on db.gcve.eu Reference links https://vuldb.com/?id.317824 https://vuldb.com/?ctiid.317824 https://vuldb.com/?submit.622391 https://github.com/xiajian-qx/cve-xiajian/issues/3 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-8235`	vulnerable	2026-06-03 15:13:43.182483	code-projects Online Ordering System product.php sql injection HIGH (7.3) A vulnerability was found in code-projects Online Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/product.php. The manipulation of the argument Name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-07-27T16:02:06.108Z Updated: 2025-07-28T17:04:17.324Z Open on db.gcve.eu Reference links https://vuldb.com/?id.317823 https://vuldb.com/?ctiid.317823 https://vuldb.com/?submit.622390 https://github.com/xiajian-qx/cve-xiajian/issues/4 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-8234`	vulnerable	2026-06-03 15:13:43.181993	code-projects Online Ordering System delete_member.php sql injection HIGH (7.3) A vulnerability was found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/delete_member.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-07-27T15:02:05.383Z Updated: 2025-07-28T17:02:49.085Z Open on db.gcve.eu Reference links https://vuldb.com/?id.317822 https://vuldb.com/?ctiid.317822 https://vuldb.com/?submit.622389 https://github.com/xiajian-qx/cve-xiajian/issues/5 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-8233`	vulnerable	2026-06-03 15:13:43.181425	code-projects Online Ordering System user.php sql injection HIGH (7.3) A vulnerability has been found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user.php. The manipulation of the argument un leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Published: 2025-07-27T14:32:05.209Z Updated: 2025-07-28T17:01:09.814Z Open on db.gcve.eu Reference links https://vuldb.com/?id.317821 https://vuldb.com/?ctiid.317821 https://vuldb.com/?submit.622388 https://github.com/xiajian-qx/cve-xiajian/issues/6 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-8232`	vulnerable	2026-06-03 15:13:43.180730	code-projects Online Ordering System delete_user.php sql injection HIGH (7.3) A vulnerability, which was classified as critical, was found in code-projects Online Ordering System 1.0. Affected is an unknown function of the file /admin/delete_user.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-07-27T14:02:05.440Z Updated: 2025-07-28T17:00:18.215Z Open on db.gcve.eu Reference links https://vuldb.com/?id.317820 https://vuldb.com/?ctiid.317820 https://vuldb.com/?submit.622387 https://github.com/xiajian-qx/cve-xiajian/issues/7 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-14251`	vulnerable	2026-06-03 14:58:54.975879	code-projects Online Ordering System Admin Login admin sql injection HIGH (7.3) A security vulnerability has been detected in code-projects Online Ordering System 1.0. This affects an unknown function of the file /admin/ of the component Admin Login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Published: 2025-12-08T16:02:05.729Z Updated: 2025-12-08T17:10:25.176Z Open on db.gcve.eu Reference links https://vuldb.com/?id.334761 https://vuldb.com/?ctiid.334761 https://vuldb.com/?submit.702467 https://github.com/zzb1388/cve/issues/95 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-14250`	vulnerable	2026-06-03 14:58:54.975515	code-projects Online Ordering System user_contact.php sql injection HIGH (7.3) A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /user_contact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. Published: 2025-12-08T15:32:07.223Z Updated: 2025-12-08T17:10:35.014Z Open on db.gcve.eu Reference links https://vuldb.com/?id.334760 https://vuldb.com/?ctiid.334760 https://vuldb.com/?submit.702466 https://github.com/zzb1388/cve/issues/94 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-14249`	vulnerable	2026-06-03 14:58:54.975058	code-projects Online Ordering System user_school.php sql injection HIGH (7.3) A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /user_school.php. The manipulation of the argument product_id results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited. Published: 2025-12-08T15:02:05.656Z Updated: 2025-12-08T17:10:43.039Z Open on db.gcve.eu Reference links https://vuldb.com/?id.334759 https://vuldb.com/?ctiid.334759 https://vuldb.com/?submit.702465 https://github.com/zzb1388/cve/issues/93 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.