CVE-2023-45340

Name of the Vulnerable Software and Affected Versions Online Food Ordering System version 1.0

Description The Online Food Ordering System is affected by multiple Unauthenticated SQL Injection vulnerabilities. The issue arises from the phone parameter of the "routers/details-router.php" resource, which fails to validate the input characters, sending them unfiltered to the database.

Recommendations For Online Food Ordering System version 1.0, as a temporary workaround, consider validating and filtering the phone parameter in the "routers/details-router.php" resource to prevent SQL injection attacks. Restrict access to this resource until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.