CVE-2026-24494 – SQL injection vulnerability in Order Up Online Ordering System

CVE ID : CVE-2026-24494

Published : Feb. 23, 2026, 2:16 a.m. | 48 minutes ago

Description : SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-2971 – a466350665 Smart-SSO Login login.html cross site scripting

CVE-2026-2998 – eAI Technologies|ERP – DLL Hijacking

CVE-2026-2968 – Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification

CVE-2026-2967 – Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source