Jackswordsz

**Name of the Vulnerable Software and Affected Versions** SourceCodester Online Catering Reservation System version 1.0 **Description** A critical vulnerability has been found in the SourceCodester Online Catering Reservation System. This issue affects the file /reservation/add message.php of the component POST Parameter Handler. The manipulation of the `fullname` argument leads to SQL injection. It is possible to initiate the attack remotely. **Recommendations** For version 1.0, consider disabling the `fullname` parameter in the /reservation/add message.php file until a patch is available. Restrict access to the POST Parameter Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.