### Key Information 1. **Vulnerability ID**: - VDB-276777 - CVE-2024-8557 2. **Vulnerability Name**: - SourceCodester Food Ordering Management System 1.0 Cancel-Order.php ID SQL Injection 3. **CVSS Meta Temp Score**: - 6.0 4. **Current Vulnerability Price**: - $0-$5k 5. **CTI Interest Score**: - 3.59 6. **Vulnerability Description**: - This vulnerability affects unknown code in SourceCodester Food Ordering Management System 1.0, located in the file `/foms/routers/cancel-order.php`. Manipulating the `id` parameter via unknown input leads to an SQL injection vulnerability. CWE classifies this issue as CWE-89. 7. **Impact**: - Affects an unknown portion of the file `/foms/routers/cancel-order.php`. Manipulating the `id` parameter via unknown input results in SQL injection. Attackers can exploit this vulnerability remotely. 8. **Public Disclosure**: - The vulnerability has been publicly disclosed and may be exploited. 9. **Vulnerability Identification**: - Identified by CVE-2024-8557. 10. **Exploitability**: - Easy to exploit and can be initiated remotely. - Technical details and public exploits are known. - MITRE ATT&CK framework references attack technique T1505. 11. **Exploit Download**: - Exploits are available for download on github.com. 12. **Search Suggestion**: - Use `inurl:foms/routers/cancel-order.php` to find potential vulnerable targets. 13. **Recommended Actions**: - No known remediation is available. - It is recommended to replace the affected component. 14. **Related Vulnerabilities**: - VDB-213070, VDB-228396, VDB-269277, VDB-269278 are very similar to this vulnerability.