CVE-2023-37627

critical

Description

Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc.

References

https://gist.github.com/1337kid/d3e7702bd19cc9355a6b3f153eb2fe8e

https://code-projects.org/online-restaurant-management-system-in-php-with-source-code/

Details

Source: Mitre, NVD

Published: 2023-07-12

Updated: 2023-07-20

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H