CVE-2026-30530

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save customer action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL commands.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2026-30530

Affected Products

Online Food Ordering System

CVE-2026-30530

Weakness Enumeration

Related Identifiers

Affected Products

References · 2