Description


A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /updatebal.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

References



https://github.com/halhalz/-/issues/1

ExploitThird Party Advisory

https://vuldb.com/?ctiid.278889

Permissions RequiredThird Party AdvisoryVDB Entry

https://vuldb.com/?id.278889

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.416058

Third Party AdvisoryVDB Entry

Weaknesses



CWE-89


CWE-89

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-10-01T03:15:02.690

1 week ago

Last modified

2024-10-04T18:53:58.020

4 days ago