Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version 2.3.2, which originates from /ordering/admin/category/index.php?view=edit&id = The page lacks validation of externally entered SQL statements, which can be exploited to execute illegal SQL commands to steal sensitive database data.