| Titre | code-projects Online Food Ordering System 1.0 SQL Injection |
|---|
| Description | A vulnerability classified as critical has been found in code-projects.org Online Food Ordering System 1.0. This vulnerability affects an unknown function of the file /admin.php of the component Admin Login Module. The manipulation of the argument username leads to SQL injection. The injection occurs prior to authentication allowing unauthenticated remote attackers to execute arbitrary SQL commands via the login form. It is possible to launch the attack remotely with no privileges required and no user interaction needed. |
|---|
| La source | ⚠️ https://gist.github.com/HxH404/8e5bd42c0f968a92a23edc5e7b879955 |
|---|
| Utilisateur | Abhiram T (UID 96000) |
|---|
| Soumission | 10/03/2026 08:07 (il y a 27 jours) |
|---|
| Modérer | 25/03/2026 15:47 (15 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 353149 [code-projects Online Food Ordering System 1.0 Admin Login /admin.php Nom d'utilisateur injection SQL] |
|---|
| Points | 20 |
|---|