Vulnerabilities
An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2023-05-05
A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /fos/admin/ajax.php?action=save_settings of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be launched remotely. VDB-223214 is the identifier assigned to this vulnerability.
CVSS Score: 7.3 | EPSS Score: 0.003 | Published: 2023-03-16
A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2023-03-14
An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score: 9.8 | EPSS Score: 0.009 | Published: 2023-02-13
Food Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2023-02-13
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2023-02-06
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2023-02-06
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in navbar.php.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2023-02-06
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2023-02-06
Online Food Ordering System v2 was discovered to contain a SQL injection vulnerability via the id parameter at view_order.php.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2023-02-06

