Decenchanted

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Food Ordering System version 1.0 Description: A critical issue was found in the itsourcecode Online Food Ordering System, affecting some unknown functionality of the file /purchase.php. The manipulation of the `customer` argument leads to SQL injection. The attack can be launched remotely. Recommendations: For itsourcecode Online Food Ordering System version 1.0, consider disabling the `/purchase.php` file or restricting access to it until a patch is available. Avoid using the `customer` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.