Code-Projects Simple Food Order System vulnerabilities

CVE-2026-5019 [MEDIUM] CWE-74 CVE-2026-5019: A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected b A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly

CVE-2026-5018 [MEDIUM] CWE-74 CVE-2026-5018: A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be use

CVE-2026-5017 [MEDIUM] CWE-74 CVE-2026-5017: A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an u A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used

CVE-2026-4319 [MEDIUM] CWE-74 CVE-2026-4319: A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulne A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/add-item.php. Such manipulation of the argument price leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.