PT-2026-3444 · Itsourcecode · Itsourcecode Online Frozen Foods Ordering System
Nick_1321
·
Published
2026-01-19
·
Updated
2026-01-19
·
CVE-2026-1159
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
itsourcecode Online Frozen Foods Ordering System version 1.0
Description
A flaw exists in the processing of the
/order online.php file within itsourcecode Online Frozen Foods Ordering System. Manipulation of the product name argument can result in SQL injection. This issue is exploitable remotely, and details about the exploit are publicly available.Recommendations
Apply any available updates or patches for itsourcecode Online Frozen Foods Ordering System version 1.0.
As a temporary workaround, consider sanitizing the
product name input to prevent SQL injection attacks.
Restrict access to the /order online.php file to minimize the risk of exploitation.Exploit
Fix
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Itsourcecode Online Frozen Foods Ordering System