CVE-2026-4471 PUBLISHED

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admin_edit_employee.php. Executing a manipulation of the argument First_Name can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.

• microwave (VulDB User) reporter

• VDB-351761 | itsourcecode Online Frozen Foods Ordering System admin_edit_employee.php sql injection
• VDB-351761 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #773939 | itsourcecode Online Frozen Foods Ordering System V1.0 SQL injection
• https://github.com/microwaveabi/vul/issues/1
• https://itsourcecode.com/

• SQL Injection CWE
• Injection CWE