← back
CVE-2026-4844

code-projects Online Food Ordering System Admin Login admin.php sql injection

CVSS 6.9 MEDIUMEPSS 0.3%CWE-74CWE-89
A vulnerability was detected in code-projects Online Food Ordering System 1.0. This issue affects some unknown processing of the file /admin.php of the component Admin Login Module. The manipulation of the argument Username results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
code-projects · Online Food Ordering System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://code-projects.org/https://gist.github.com/HxH404/8e5bd42c0f968a92a23edc5e7b879955https://vuldb.com/?ctiid.353149https://vuldb.com/?id.353149https://vuldb.com/?submit.776137