Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (29 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-24195 1 Oretnom23 1 Online Food Ordering System 2026-03-30 6.1 Medium
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php.
CVE-2023-24647 1 Oretnom23 1 Online Food Ordering System 2026-03-30 7.5 High
Food Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.
CVE-2023-27073 1 Oretnom23 1 Online Food Ordering System 2026-03-30 6.5 Medium
A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request.
CVE-2022-29651 1 Oretnom23 1 Online Food Ordering System 2026-03-30 7.2 High
An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-36759 1 Oretnom23 1 Online Food Ordering System 2026-03-30 9.8 Critical
Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=.
CVE-2023-24192 1 Oretnom23 1 Online Food Ordering System 2026-03-30 6.1 Medium
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php.
CVE-2022-29650 1 Oretnom23 1 Online Food Ordering System 2026-03-30 9.8 Critical
Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the Search parameter at /online-food-order/food-search.php.
CVE-2021-41644 1 Oretnom23 1 Online Food Ordering System 2026-03-30 9.8 Critical
Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters.
CVE-2025-2387 1 Oretnom23 1 Online Food Ordering System 2025-05-28 7.3 High
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.