| Título | code-projects Online Food Ordering System 1.0 SQL Injection |
|---|
| Descripción | A vulnerability classified as critical has been found in code-projects.org Online Food Ordering System 1.0. This vulnerability affects an unknown function of the file /admin.php of the component Admin Login Module. The manipulation of the argument username leads to SQL injection. The injection occurs prior to authentication allowing unauthenticated remote attackers to execute arbitrary SQL commands via the login form. It is possible to launch the attack remotely with no privileges required and no user interaction needed. |
|---|
| Fuente | ⚠️ https://gist.github.com/HxH404/8e5bd42c0f968a92a23edc5e7b879955 |
|---|
| Usuario | Abhiram T (UID 96000) |
|---|
| Sumisión | 2026-03-10 08:07 (hace 27 días) |
|---|
| Moderación | 2026-03-25 15:47 (15 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 353149 [code-projects Online Food Ordering System 1.0 Admin Login /admin.php Nombre de usuario inyección SQL] |
|---|
| Puntos | 20 |
|---|