Oretnom23 Online Food Ordering System — known CVE vulnerabilities
Every CVE whose affected-product data names Oretnom23 Online Food Ordering System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (29)
CVE-2023-30122 — CVSS 9.8 (critical): An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows…
CVE-2021-41644 — CVSS 9.8 (critical): Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that…
CVE-2022-29650 — CVSS 9.8 (critical): Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food…
CVE-2022-36759 — CVSS 9.8 (critical): Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=.
CVE-2026-30533 — CVSS 9.8 (critical): A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage_product.php file via the "id"…
CVE-2026-30532 — CVSS 9.8 (critical): A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/view_product.php file via the "id"…
CVE-2026-30530 — CVSS 9.8 (critical): A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the…
CVE-2023-24646 — CVSS 9.8 (critical): An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute…
CVE-2026-30531 — CVSS 8.8 (high): A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the…
CVE-2026-30529 — CVSS 8.8 (high): A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_user…
CVE-2026-30534 — CVSS 8.3 (high): A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/manage_category.php via the "id" parameter.
CVE-2023-24647 — CVSS 7.5 (high): Food Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.
CVE-2025-2387 — CVSS 7.3 (high): A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown…
CVE-2023-1432 — CVSS 7.3 (high): A vulnerability was found in SourceCodester Online Food Ordering System 2.0 and classified as critical. Affected by this issue is some…
CVE-2023-0332 — CVSS 7.3 (high): A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown…
CVE-2024-0247 — CVSS 7.3 (high): A vulnerability classified as critical was found in CodeAstro Online Food Ordering System 1.0. This vulnerability affects unknown code of…
CVE-2022-29651 — CVSS 7.2 (high): An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute…
CVE-2023-27073 — CVSS 6.5 (medium): A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a…
CVE-2023-0256 — CVSS 6.3 (medium): A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown…
CVE-2023-24194 — CVSS 6.1 (medium): Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in navbar.php.
CVE-2023-24195 — CVSS 6.1 (medium): Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php.
CVE-2023-24197 — CVSS 6.1 (medium): Online Food Ordering System v2 was discovered to contain a SQL injection vulnerability via the id parameter at view_order.php.
CVE-2023-24192 — CVSS 6.1 (medium): Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php.
CVE-2023-24191 — CVSS 6.1 (medium): Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in…
CVE-2026-30527 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Category management…
CVE-2023-0257 — CVSS 4.7 (medium): A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been declared as critical. Affected by this…
CVE-2024-8604 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in SourceCodester Online Food Ordering System 2.0. This affects an unknown part of…
CVE-2023-0258 — CVSS 2.4 (low): A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been rated as problematic. Affected by this issue is…