| tiêu đề | Sourcecodester Online Food Ordering System v2 using PHP8 and MySQL Free Source Code v2.0 Local File Inclusion |
|---|
| Mô tả | During the security assessment of "Online Food Ordering System", a critical local file inclusion vulnerability was identified in the "/index.php" file. This vulnerability is due to the direct use of user input from the 'page' parameter in the `include` statement without any path restriction. Attackers can manipulate the 'page' parameter to include sensitive files on the server, such as the database configuration file. Immediate remediation is necessary to safeguard system files and maintain the security of the system. |
|---|
| Nguồn | ⚠️ https://github.com/Mikkoseven/cve/issues/4 |
|---|
| Người dùng | Jxsec (UID 98275) |
|---|
| Đệ trình | 15/05/2026 14:57 (cách đây 23 ngày) |
|---|
| Kiểm duyệt | 02/06/2026 17:47 (18 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 367963 [SourceCodester Online Food Ordering System 2.0 /index.php include page nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|