{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24494", "assignerOrgId": "66fe30d5-b042-4547-a192-c18da4c41a81", "state": "PUBLISHED", "assignerShortName": "spartans-security", "dateReserved": "2026-01-23T01:44:12.352Z", "datePublished": "2026-02-23T01:24:47.676Z", "dateUpdated": "2026-02-23T13:47:41.202Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://www.orderup.com.au/", "defaultStatus": "unaffected", "modules": ["/api/integrations/getintegrations"], "platforms": ["Windows"], "product": "Online Ordering System", "vendor": "Order Up", "versions": [{"status": "affected", "version": "1.0"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Subhash Paudel"}], "datePublic": "2026-02-23T01:10:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div></div>SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request.<div><br></div>"}], "value": "SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request."}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "66fe30d5-b042-4547-a192-c18da4c41a81", "shortName": "spartans-security", "dateUpdated": "2026-02-23T01:24:48.333Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.spartanssec.com/post/multiple-unauthenticated-sql-injection-vulnerabilities"}], "source": {"discovery": "UNKNOWN"}, "title": "SQL injection vulnerability in Order Up Online Ordering System", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-23T13:47:28.507899Z", "id": "CVE-2026-24494", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-23T13:47:41.202Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24494", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-23T13:47:28.507899Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-23T13:47:35.061Z"}}], "cna": {"title": "SQL injection vulnerability in Order Up Online Ordering System", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Subhash Paudel"}], "impacts": [{"capecId": "CAPEC-66", "descriptions": [{"lang": "en", "value": "CAPEC-66 SQL Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Order Up", "modules": ["/api/integrations/getintegrations"], "product": "Online Ordering System", "versions": [{"status": "affected", "version": "1.0"}], "platforms": ["Windows"], "collectionURL": "https://www.orderup.com.au/", "defaultStatus": "unaffected"}], "datePublic": "2026-02-23T01:10:00.000Z", "references": [{"url": "https://www.spartanssec.com/post/multiple-unauthenticated-sql-injection-vulnerabilities", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request.", "supportingMedia": [{"type": "text/html", "value": "<div></div>SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request.<div><br></div>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "66fe30d5-b042-4547-a192-c18da4c41a81", "shortName": "spartans-security", "dateUpdated": "2026-02-23T01:24:48.333Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24494", "state": "PUBLISHED", "dateUpdated": "2026-02-23T13:47:41.202Z", "dateReserved": "2026-01-23T01:44:12.352Z", "assignerOrgId": "66fe30d5-b042-4547-a192-c18da4c41a81", "datePublished": "2026-02-23T01:24:47.676Z", "assignerShortName": "spartans-security"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted store_id parameter in a POST request."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en el endpoint /api/integrations/getintegrations de Order Up Online Ordering System 1.0 permite a un atacante no autenticado acceder a datos sensibles de la base de datos de backend a trav\u00e9s de un par\u00e1metro store_id manipulado en una solicitud POST."}], "id": "CVE-2026-24494", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "66fe30d5-b042-4547-a192-c18da4c41a81", "type": "Secondary"}]}, "published": "2026-02-23T02:16:39.443", "references": [{"source": "66fe30d5-b042-4547-a192-c18da4c41a81", "url": "https://www.spartanssec.com/post/multiple-unauthenticated-sql-injection-vulnerabilities"}], "sourceIdentifier": "66fe30d5-b042-4547-a192-c18da4c41a81", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "66fe30d5-b042-4547-a192-c18da4c41a81", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["windows"], "status": "affected", "versions": {"scheme": "generic", "value": "1.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Online Ordering System", "source": "cna", "vendor": "Order Up"}, "product": "online_ordering_system", "vendor": "order_up"}], "analysis": {"en": {"generated_at": "2026-04-17T16:25:15.968712+00:00", "value": {"mitigation_remediation": ["Apply an official patch or upgrade to a corrected version of Order Up Online Ordering System when it becomes available.", "Restrict unauthenticated access to the /api/integrations/getintegrations endpoint by enforcing authentication or IP whitelisting.", "Implement input validation and use parameterized database queries for the store_id parameter to eliminate injection risks."], "summary": {"action": "Assess Impact", "impact": "Unauthenticated data exfiltration via SQL injection"}, "threat_synthesis": {"affected_systems": "The exposed product is Order Up Online Ordering System version 1.0. No other affected versions were identified in the CNA data.", "description_and_impact": "SQL injection occurs in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 when the store_id parameter in a POST request is not properly sanitized. An attacker can alter this parameter to inject arbitrary SQL, enabling the retrieval of sensitive backend database information. The vulnerability results in unauthorized data disclosure with a CVSS base score of 9.8, indicating a critical level of risk.", "risk_and_exploitability": "The CVSS score of 9.8 demonstrates a severe threat, while the EPSS score of less than 1% suggests that, as of the data provided, exploitation is unlikely to occur frequently. The vulnerability can be triggered by any unauthenticated actor who can send a crafted HTTP POST request to the vulnerable endpoint, likely from any network location that can reach the API service. Although the exploit does not require authentication or privilege escalation, successful exploitation would allow an attacker to view or potentially modify sensitive database contents, compromising confidentiality."}}}}, "created": "2026-02-23T14:28:28.258378+00:00", "updated": "2026-04-17T16:30:05.835148+00:00", "vendors": ["order_up", "order_up$PRODUCT$online_ordering_system"]}