Simple Food Order System
Approved changes feed: RSS · Atom
cpe:2.3:a:carmelo:simple_food_order_system:1.0:*:*:*:*:*:*:*
part: a version: 1.0 update: *
| Vendor | Carmelo (6b035a27-935d-5e7e-afc6-e62cb1b98eda) |
|---|---|
| Product | Simple Food Order System (faaa92b5-959f-5bdb-9909-79e40c265539) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-5019 |
vulnerable | 2026-06-03 15:26:26.428490 |
code-projects Simple Food Order System Parameter all-orders.php sql injection
HIGH (7.3)
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Published: 2026-03-28T23:30:12.263Z
Updated: 2026-03-30T13:29:17.174Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-5018 |
vulnerable | 2026-06-03 15:26:26.427991 |
code-projects Simple Food Order System Parameter register-router.php sql injection
HIGH (7.3)
A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
Published: 2026-03-28T22:30:15.700Z
Updated: 2026-03-30T15:54:42.543Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-5017 |
vulnerable | 2026-06-03 15:26:26.427542 |
code-projects Simple Food Order System Parameter all-tickets.php sql injection
HIGH (7.3)
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Published: 2026-03-28T22:30:12.864Z
Updated: 2026-03-30T14:52:56.572Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-4533 |
vulnerable | 2026-06-03 15:26:25.642645 |
code-projects Simple Food Ordering System all-tickets.php sql injection
MEDIUM (6.3)
A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
Published: 2026-03-22T02:02:11.932Z
Updated: 2026-03-23T16:20:57.922Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-4532 |
vulnerable | 2026-06-03 15:26:25.642015 |
code-projects Simple Food Ordering System Database Backup food.sql file access
MEDIUM (5.3)
A security vulnerability has been detected in code-projects Simple Food Ordering System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /food/sql/food.sql of the component Database Backup Handler. The manipulation leads to files or directories accessible. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. It is recommended to change the configuration settings.
Published: 2026-03-22T01:32:14.714Z
Updated: 2026-03-23T16:39:58.679Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-4319 |
vulnerable | 2026-06-03 15:26:25.289243 |
code-projects Simple Food Order System add-item.php sql injection
HIGH (7.3)
A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/add-item.php. Such manipulation of the argument price leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
Published: 2026-03-17T17:02:11.472Z
Updated: 2026-03-17T17:21:02.768Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-26713 |
vulnerable | 2026-06-03 15:18:05.721099 |
Details available
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php.
Published: 2026-03-02T00:00:00.000Z
Updated: 2026-03-03T15:21:06.155Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-26712 |
vulnerable | 2026-06-03 15:18:05.720649 |
Details available
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/view-ticket-admin.php.
Published: 2026-03-02T00:00:00.000Z
Updated: 2026-03-03T15:19:37.022Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-26711 |
vulnerable | 2026-06-03 15:18:05.720262 |
Details available
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/view-ticket.php.
Published: 2026-03-02T00:00:00.000Z
Updated: 2026-03-03T15:18:25.336Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-26710 |
vulnerable | 2026-06-03 15:18:05.719779 |
Details available
code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php.
Published: 2026-03-02T00:00:00.000Z
Updated: 2026-03-03T15:16:27.179Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.