Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
SourceCodester Online Food Ordering System allows malicious price changes
CVE-2026-5811
Summary
A security issue in the SourceCodester Online Food Ordering System's save_product function could allow an attacker to manipulate product prices, potentially causing business logic errors. This vulnerability can be exploited from a remote location and exploit code is publicly available. To protect your system, update the software to the latest version.
Original title
A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function save_product of the file /Actions.php of the component POST Parameter Handle...
Original description
A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function save_product of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The attack may be performed from remote. The exploit is publicly available and might be used.
nvd CVSS2.0
5.5
nvd CVSS3.1
5.4
nvd CVSS4.0
5.3
Vulnerability type
CWE-840
Published: 8 Apr 2026 · Updated: 8 Apr 2026 · First seen: 8 Apr 2026