CVE-2024-9086

Name of the Vulnerable Software and Affected Versions code-projects Restaurant Reservation System version 1.0

Description A critical issue has been found in the code-projects Restaurant Reservation System. The manipulation of the from and to arguments in the /filter.php file leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, consider disabling the /filter.php file or restricting access to it until a patch is available. As a temporary workaround, avoid using the from and to parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.