Product:

Online_ordering_system

(Online_ordering_system_project)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 20
Date Id Summary Products Score Patch Annotated
2021-03-16 CVE-2021-28294 Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE). Online_ordering_system 9.8
2021-03-16 CVE-2021-28295 Online Ordering System 1.0 is vulnerable to unauthenticated SQL injection through /onlineordering/GPST/admin/design.php, which may lead to database information disclosure. Online_ordering_system 7.5
2021-07-22 CVE-2021-25211 Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php. Online_ordering_system 9.8
2022-06-02 CVE-2022-30794 Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php. Online_ordering_system 7.2
2022-06-02 CVE-2022-30795 Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php. Online_ordering_system 7.2
2022-06-02 CVE-2022-30797 Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php. Online_ordering_system 9.8
2022-06-02 CVE-2022-30799 Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php. Online_ordering_system 7.2
2022-06-02 CVE-2022-30798 Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php. Online_ordering_system 7.2
2022-06-02 CVE-2022-31327 Online Ordering System By janobe 2.3.2 is vulneranle to SQL Injection via /ordering/index.php?q=products&id=. Online_ordering_system 9.8
2022-06-02 CVE-2022-31328 Online Ordering System By janobe 2.3.2 has SQL Injection via /ordering/admin/products/index.php?view=edit&id=. Online_ordering_system 9.8