Product
A high-severity SQL injection vulnerability, CVE-2026-15135, exists in code-projects Online Food Order System 1.0 affecting the `/edit_food_items.php` file's 'update' argument, allowing remote attackers to perform unauthorized data disclosure or manipulation, with a public exploit available.