PT-2023-29502 · Unknown · Online Food Ordering System

Published

2023-11-02

Updated

2024-01-02

CVE-2023-45327

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Online Food Ordering System version 1.0

Description The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. The name parameter of the "routers/add-users.php" resource does not validate the input, making it vulnerable to SQL injection attacks.

Recommendations For Online Food Ordering System version 1.0, consider validating and sanitizing the name parameter in the "routers/add-users.php" resource to prevent SQL injection attacks. As a temporary workaround, restrict access to the "routers/add-users.php" resource until a proper fix is implemented.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-45327

Affected Products

Online Food Ordering System

PT-2023-29502 · Unknown · Online Food Ordering System

CVE-2023-45327

Related Identifiers

Affected Products

References · 5