Online Ordering System is a multi-store ordering system that can be used by any small business.An SQL injection vulnerability exists in Online Ordering System version 2.3.2, which originates from /ordering/admin/stockin/index.php?view=edit&id= The page lacks validation of externally entered SQL statements, which could be exploited to execute illegal SQL commands to steal sensitive database data.