CVE-2026-26711

Name of the Vulnerable Software and Affected Versions Simple Food Order System version 1.0

Description The Simple Food Order System version 1.0 is susceptible to SQL Injection. This issue affects the /food/view-ticket.php endpoint. The ticket id parameter within this endpoint is likely vulnerable. Successful exploitation could allow an attacker to manipulate database queries, potentially leading to unauthorized access, data modification, or disclosure.

Recommendations Apply input validation and sanitization to the ticket id parameter in the /food/view-ticket.php endpoint to prevent the injection of malicious SQL code.