PT-2026-56654 · Code Projects · Online Food Ordering System

Zhaoyihao

·

Published

2026-07-08

·

Updated

2026-07-09

·

CVE-2026-15135

CVSS v3.1

7.3

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
A security flaw has been discovered in code-projects Online Food Order System 1.0. This affects an unknown part of the file /edit food items.php. The manipulation of the argument update results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

Exploit

Fix

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15135

Affected Products

Online Food Ordering System