CVE-2026-4471

Description

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admin_edit_employee.php. Executing a manipulation of the argument First_Name can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.

References

• https://github.com/microwaveabi/vul/issues/1
• https://itsourcecode.com/
• https://vuldb.com/?ctiid.351761
• https://vuldb.com/?id.351761
• https://vuldb.com/?submit.773939