| Título | code-projects Online Food Ordering System 1.0 SQL Injection |
|---|
| Descrição | A vulnerability classified as critical has been found in code-projects.org Online Food Ordering System 1.0. This vulnerability affects an unknown function of the file /admin.php of the component Admin Login Module. The manipulation of the argument username leads to SQL injection. The injection occurs prior to authentication allowing unauthenticated remote attackers to execute arbitrary SQL commands via the login form. It is possible to launch the attack remotely with no privileges required and no user interaction needed. |
|---|
| Fonte | ⚠️ https://gist.github.com/HxH404/8e5bd42c0f968a92a23edc5e7b879955 |
|---|
| Utilizador | Abhiram T (UID 96000) |
|---|
| Submissão | 10/03/2026 08h07 (há 27 dias) |
|---|
| Moderação | 25/03/2026 15h47 (15 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 353149 [code-projects Online Food Ordering System 1.0 Admin Login /admin.php Nome de utilizador Injeção SQL] |
|---|
| Pontos | 20 |
|---|