| शीर्षक | Sourcecodester Online Food Ordering System v2 using PHP8 and MySQL Free Source Code v2.0 Local File Inclusion |
|---|
| विवरण | During the security assessment of "Online Food Ordering System", a critical local file inclusion vulnerability was identified in the "/index.php" file. This vulnerability is due to the direct use of user input from the 'page' parameter in the `include` statement without any path restriction. Attackers can manipulate the 'page' parameter to include sensitive files on the server, such as the database configuration file. Immediate remediation is necessary to safeguard system files and maintain the security of the system. |
|---|
| स्रोत | ⚠️ https://github.com/Mikkoseven/cve/issues/4 |
|---|
| उपयोगकर्ता | Jxsec (UID 98275) |
|---|
| सबमिशन | 15/05/2026 02:57 PM (20 दिन पहले) |
|---|
| संयम | 02/06/2026 05:47 PM (18 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 367963 [SourceCodester Online Food Ordering System 2.0 /index.php include page अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|