CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8711 – SourceCodester Food Ordering Management System includes exposure of information through directory listing
https://notcve.org/view.php?id=CVE-2024-8711
A vulnerability, which was classified as problematic, has been found in SourceCodester Food Ordering Management System 1.0. Affected by this issue is some unknown functionality of the file /includes/. The manipulation leads to exposure of information through directory listing. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jz-qb/cve/blob/main/dir.md https://vuldb.com/?ctiid.277220 https://vuldb.com/?id.277220 https://vuldb.com/?submit.405343 https://www.sourcecodester.com • CWE-548: Exposure of Information Through Directory Listing •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8582 – SourceCodester Food Ordering Management System index.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-8582
A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument description leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Niu-zida/cve/blob/main/Cross-Site%20Scripting.md https://vuldb.com/?ctiid.276818 https://vuldb.com/?id.276818 https://vuldb.com/?submit.404604 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8558 – SourceCodester Food Ordering Management System Price place-order.php improper validation of specified quantity in input
https://notcve.org/view.php?id=CVE-2024-8558
A vulnerability classified as problematic was found in SourceCodester Food Ordering Management System 1.0. This vulnerability affects unknown code of the file /foms/routers/place-order.php of the component Price Handler. The manipulation of the argument total leads to improper validation of specified quantity in input. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Niu-zida/cve/blob/main/Payment%20loopholes.md https://vuldb.com/?ctiid.276778 https://vuldb.com/?id.276778 https://vuldb.com/?submit.403345 https://www.sourcecodester.com • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8557 – SourceCodester Food Ordering Management System cancel-order.php sql injection
https://notcve.org/view.php?id=CVE-2024-8557
A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System 1.0. This affects an unknown part of the file /foms/routers/cancel-order.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.276777 https://vuldb.com/?ctiid.276777 https://vuldb.com/?submit.403082 https://github.com/tldjgggg/cve/blob/main/sql2.md https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8416 – SourceCodester Food Ordering Management System ticket-status.php sql injection
https://notcve.org/view.php?id=CVE-2024-8416
A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been classified as critical. This affects an unknown part of the file /routers/ticket-status.php. The manipulation of the argument ticket_id leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/SherlockMA0/cve/blob/main/sql2.md https://vuldb.com/?ctiid.276495 https://vuldb.com/?id.276495 https://vuldb.com/?submit.402369 https://www.sourcecodester.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •