Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Online_ordering_system
(Online_ordering_system_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 20 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-02 | CVE-2022-31329 | Online Ordering System By janobe 2.3.2 is vulnerable to SQL Injection via /ordering/admin/orders/loaddata.php. | Online_ordering_system | 9.8 | ||
| 2022-06-02 | CVE-2022-31335 | Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/index.php?view=edit&id=. | Online_ordering_system | 9.8 | ||
| 2022-06-02 | CVE-2022-31336 | Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/loaddata.php. | Online_ordering_system | 9.8 | ||
| 2022-06-02 | CVE-2022-31337 | Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/category/index.php?view=edit&id=. | Online_ordering_system | 9.8 | ||
| 2022-06-02 | CVE-2022-31338 | Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/user/index.php?view=edit&id=. | Online_ordering_system | 9.8 | ||
| 2022-06-17 | CVE-2022-31355 | Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/index.php?q=category&search=. | Online_ordering_system | 9.8 | ||
| 2022-06-17 | CVE-2022-31356 | Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/store/index.php?view=edit&id=. | Online_ordering_system | 9.8 | ||
| 2022-06-17 | CVE-2022-31357 | Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via /ordering/admin/inventory/index.php?view=edit&id=. | Online_ordering_system | 9.8 | ||
| 2022-08-31 | CVE-2022-36580 | An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file. | Online_ordering_system | 7.2 | ||
| 2022-08-31 | CVE-2022-36581 | Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php. | Online_ordering_system | 7.5 |