CVE-2026-30530

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Mar 27, 2026

Vendor unknown

Description

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_customer action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL commands.

References

https://github.com/meifukun/Web-Security-PoCs/blob/main/Online-Food-Ordering-System/SQLi-Actions-saveCustomer-username.md