PT-2026-22685 · Code Projects · Simple Food Ordering System

Thirtypenny77

Publicado

2026-03-02

Atualizado

2026-03-03

CVE-2026-26710

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions code-projects Simple Food Order System version 1.0

Description The Simple Food Order System version 1.0 is susceptible to SQL Injection. This issue affects the /food/routers/edit-orders.php endpoint. The edit-orders.php file is vulnerable, potentially allowing attackers to manipulate database queries. The vulnerable parameter is not specified.

Recommendations Apply appropriate input validation and sanitization techniques to prevent SQL Injection attacks in the /food/routers/edit-orders.php endpoint.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2026-26710

Produtos afetados

Simple Food Ordering System

PT-2026-22685 · Code Projects · Simple Food Ordering System

CVE-2026-26710

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6