CVE-2026-24494 | Order Up Online Ordering System 1.0 POST Request getintegrations store_id sql injection

Inserito da Angelo Barbosa | Feb 23, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Order Up Online Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /api/integrations/getintegrations of the component POST Request Handler. The manipulation of the argument store_id leads to sql injection.

This vulnerability is traded as CVE-2026-24494. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-24494 | Order Up Online Ordering System 1.0 POST Request getintegrations store_id sql injection

Post correlati

CVE-2024-4561 | Progress WhatsUp Gold up to 2023.1.1 HTTP Request server-side request forgery

CVE-2024-2882 | SDG Technologies PnPSCADA up to 3.x authorization (icsa-24-179-02)

CVE-2025-47650 | Infility Global Plugin up to 2.14.7 on WordPress path traversal

CVE-2023-38651 | GTKWave 3.3.115 VZT vzt_rd_block_vch_decode integer overflow (TALOS-2023-1814)