CVE-2026-4532
Status: Received - Intake
Remote File Access Vulnerability in Simple Food Ordering System Database Handler

Publication date: 2026-03-22

Last updated on: 2026-04-10

Assigner: VulDB

Description
A security vulnerability has been detected in code-projects Simple Food Ordering System up to version 1.0. Affected by this vulnerability is an unknown functionality of the file /food/sql/food.sql of the component Database Backup Handler. The manipulation leads to files or directories being accessible to unauthorized actors. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. It is recommended to change the configuration settings.
Meta Information
Published: 2026-03-22
Last Modified: 2026-04-10
Generated: 2026-06-16
AI Q&A: 2026-03-22
EPSS Evaluated: 2026-06-14
External records: NVD, EUVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor: carmelo | Product: simple_food_order_system | Version / Range: 1.0
CWE
CWE-425: The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
CWE-552: The product makes files or directories accessible to unauthorized actors, even though they should not be.
Executive Summary

CVE-2026-4532 is a vulnerability in version 1.0 of the Simple Food Ordering System, a PHP-based application. The issue arises because a database backup file named "food.sql" is stored in a publicly accessible web directory (/food/sql/) without proper access restrictions.

This misconfiguration allows any remote user to access and download the SQL dump file directly via a URL, exposing the full database schema and stored data.

The root causes include storing backup files inside the web root directory and improper server configuration that fails to restrict access to .sql files. [1]

Impact Analysis

Exploitation of this vulnerability can lead to the disclosure of sensitive information such as administrator credentials, user data, order records, product information, and the database schema.

This exposure can facilitate account compromise, credential cracking, database manipulation, and potentially allow attackers to gain administrative access to the system.


Detection Guidance

This vulnerability can be detected by checking whether the database backup file "food.sql" is publicly accessible via a web browser or HTTP requests. You can attempt to access the URL path /food/sql/food.sql on the server hosting the Simple Food Ordering System to see whether the SQL dump is exposed.

Suggested commands to detect this vulnerability include using curl or wget to request the file and check the response:

- curl -I http://yourserver/food/sql/food.sql
- curl http://yourserver/food/sql/food.sql
- wget --spider http://yourserver/food/sql/food.sql

If these commands return the SQL file or HTTP status 200, the file is accessible and the system is vulnerable. [1]

Mitigation Strategies

Immediate mitigation steps include removing the SQL backup files from the publicly accessible web root directory and storing them in secure locations outside the web root, such as /var/backups/.

Additionally, restrict access to .sql files via web server configuration to prevent direct access:

- For Apache servers, add the following directive to deny access to .sql files:
    <Files "*.sql">
        Require all denied
    </Files>
- For Nginx servers, add this location block to deny access:
    location ~* \.sql$ { deny all; }

Ensure that database backups are stored in secured, access-restricted directories to prevent unauthorized access. [1]
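The detection and mitigation guidance above can be turned into a self-check an operator runs on their own server. This is an added example, not code from the advisory or from the Simple Food Ordering System; the web root path, the filename patterns and the sample directory tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory or the project): audit a web root for
# database dumps that the web server would serve directly, such as the
# /food/sql/food.sql file described above, and verify that the deny rule
# for .sql files is in effect on a server you operate.

# List every SQL dump or backup file found under the web root, one per line.
# Exit status is 1 when at least one such file exists, 0 when none do.
find_exposed_dumps() {
    webroot=$1
    found=$(find "$webroot" -type f \
        \( -iname '*.sql' -o -iname '*.sql.gz' -o -iname '*.bak' \) | sort)
    [ -n "$found" ] && printf '%s\n' "$found"
    [ -z "$found" ]
}

# Send one HEAD request (the curl -I check from the guidance) and report
# "exposed" on HTTP 200, "blocked" on anything else. Returns 1 when exposed.
check_url_blocked() {
    code=$(curl -s -o /dev/null -I -w '%{http_code}' "$1")
    if [ "$code" = "200" ]; then
        echo "exposed ($code): $1"
        return 1
    fi
    echo "blocked ($code): $1"
}

# Constructed sample tree: two dumps inside the web root (should be flagged),
# one under a separate backups directory (the recommended location).
demo_tree() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/www/food/sql" "$tmp/backups"
    : > "$tmp/www/food/sql/food.sql"
    : > "$tmp/www/old.sql.gz"
    : > "$tmp/www/index.php"
    : > "$tmp/backups/food.sql"
    echo "$tmp"
}

# Usage on a real host: find_exposed_dumps /var/www/html
#                       check_url_blocked http://yourserver/food/sql/food.sql
```

Run find_exposed_dumps against the real web root after moving backups out, then check_url_blocked against the old URL to confirm the Apache or Nginx rule answers with a 403 or 404 rather than 200.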
