Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version v2.3.2, which originates from /ordering/admin/inventory/index.php?view=edit & id=Lack of validation of external input SQL statements can be exploited to execute illegal SQL commands to steal sensitive database data.