Online Ordering System Project Security Vulnerabilities

CVE-2022-36581

Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at...

CVE-2022-36580

An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP...