CVE-2026-4469 PUBLISHED

A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_edit_menu_action.php. Such manipulation of the argument product_name leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

• OneChicken (VulDB User) reporter

• VDB-351759 | itsourcecode Online Frozen Foods Ordering System admin_edit_menu_action.php sql injection
• VDB-351759 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #772881 | itsourcecode Online Frozen Foods Ordering System V1.0 SQL injection
• https://github.com/sjkdhl/public/issues/4
• https://itsourcecode.com/

• SQL Injection CWE
• Injection CWE