CVE-2023-0906EPSS p46.7%

CVE-2023-0906CVE-2023-0906

online_pizza_ordering_system_project / online_pizza_ordering_system

Description

A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. Affected by this vulnerability is the function delete_category of the file ajax.php of the component POST Parameter Handler. The manipulation leads to missing authentication. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-221455.

Scoring

CVSS 7.3 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS0.66% probability of exploitation · percentile 46.7% · 2026-06-18T12:00:27Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.