Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc.
References
Link | Resource |
---|---|
https://code-projects.org/online-restaurant-management-system-in-php-with-source-code/ | Product |
https://gist.github.com/1337kid/d3e7702bd19cc9355a6b3f153eb2fe8e | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Jul 2023, 17:34
Type | Values Removed | Values Added |
---|---|---|
First Time |
Code-projects online Restaurant Management System
Code-projects |
|
CWE | CWE-89 | |
CPE | cpe:2.3:a:code-projects:online_restaurant_management_system:1.0:*:*:*:*:wordpress:*:* | |
References | (MISC) https://code-projects.org/online-restaurant-management-system-in-php-with-source-code/ - Product | |
References | (MISC) https://gist.github.com/1337kid/d3e7702bd19cc9355a6b3f153eb2fe8e - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
12 Jul 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-12 15:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-37627
Mitre link : CVE-2023-37627
CVE.ORG link : CVE-2023-37627
JSON object : View
Products Affected
code-projects
- online_restaurant_management_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')