Vulnerabilities (CVE)

Filtered by vendor Fast Food Ordering System Project Subscribe
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32328 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-22 6.4 MEDIUM 9.1 CRITICAL
Fast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img.
CVE-2022-32336 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-22 7.5 HIGH 9.8 CRITICAL
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=.
CVE-2022-32334 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-21 6.5 MEDIUM 7.2 HIGH
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=.
CVE-2022-32335 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-21 6.5 MEDIUM 7.2 HIGH
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=.
CVE-2022-32332 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-21 6.5 MEDIUM 7.2 HIGH
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category.
CVE-2022-32333 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-21 6.5 MEDIUM 7.2 HIGH
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=.
CVE-2022-32331 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-21 6.5 MEDIUM 7.2 HIGH
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/view_category.php?id=.
CVE-2022-32330 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-21 6.5 MEDIUM 7.2 HIGH
Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu.
CVE-2022-1991 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-14 3.5 LOW 4.8 MEDIUM
A vulnerability classified as problematic has been found in Fast Food Ordering System 1.0. Affected is the file Master.php of the Master List. The manipulation of the argument Description with the input foo "><img src="" onerror="alert(document.cookie)"> leads to cross site scripting. It is possible to launch the attack remotely but it requires authentication. Exploit details have been disclosed to the public.