Unknown · Projectworlds Online Ordering Food System · CVE-2025-11604
**Name of the Vulnerable Software and Affected Versions**
ProjectWorlds Online Ordering Food System version 1.0
**Description**
A SQL injection issue exists due to improper processing of the `Status` argument in the `/all-orders.php` file. Remote exploitation is possible. The exploit has been publicly disclosed.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.