庞习铭

#9598of 53,633
28.8Total CVSS
Vulnerabilities · 4
High
4
PT-2022-26851
7.2
2022-11-01
Unknown · Canteen Management System · CVE-2022-43328
**Name of the Vulnerable Software and Affected Versions** Canteen Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `id` parameter at the "/editorder.php" API endpoint. **Recommendations** For Canteen Management System version 1.0, avoid using the `id` parameter in the "/editorder.php" endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the "/editorder.php" endpoint to minimize the risk of exploitation.
PT-2022-26852
7.2
2022-11-01
Unknown · Canteen Management System · CVE-2022-43329
**Name of the Vulnerable Software and Affected Versions** Canteen Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `id` parameter at the "/print.php" API endpoint. **Recommendations** For Canteen Management System version 1.0, avoid using the `id` parameter in the "/print.php" API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the "/print.php" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-26853
7.2
2022-11-01
Unknown · Canteen Management System · CVE-2022-43330
**Name of the Vulnerable Software and Affected Versions** Canteen Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `id` parameter at the "/editorder.php" API endpoint. **Recommendations** For Canteen Management System version 1.0, avoid using the `id` parameter in the "/editorder.php" API endpoint until the issue is resolved. Consider temporarily restricting access to the "/editorder.php" endpoint to minimize the risk of exploitation.
PT-2022-26854
7.2
2022-11-01
Unknown · Canteen Management System · CVE-2022-43331
**Name of the Vulnerable Software and Affected Versions** Canteen Management System version 1.0 **Description** The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the `id` parameter at the "/php action/printOrder.php" API endpoint. **Recommendations** For Canteen Management System version 1.0, consider restricting access to the "/php action/printOrder.php" endpoint until a patch is available. As a temporary workaround, avoid using the `id` parameter in the affected API endpoint to minimize the risk of exploitation.