CVE-2026-10694

Summary

A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used.

Affected Software

VendorProductVersion RangeStatus
SourceCodesterOnline Food Ordering System2.0affected

Weaknesses

  • CWE-73: File Inclusion

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References