CVE-2023-1461

Name of the Vulnerable Software and Affected Versions SourceCodester Canteen Management System version 1.0

Description A critical issue was found in the function query of the file createCategories.php, where the manipulation of the categoriesStatus argument leads to sql injection. The attack can be initiated remotely.

Recommendations For version 1.0, consider disabling the query function in createCategories.php or restricting access to it until a patch is available. Additionally, avoid using the categoriesStatus argument in the affected function to minimize the risk of exploitation.