Food Ordering Review System
Monthly
code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the area where users submit reservation information. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the registration function. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
SQL injection in code-projects Food Review System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the occasion parameter in /admin/approve_reservation.php, resulting in limited data confidentiality and integrity impact. Despite a critical classification in the source database, the CVSS 4.0 score of 2.1 reflects the requirement for authenticated access (PR:L) and limited technical impact scope. Publicly available exploit code exists and the vulnerability has been publicly disclosed.
SQL injection in Food Ordering Review System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the reg_Id parameter in /user/reservation_page.php, with publicly available exploit code disclosed but low real-world exploitation risk due to CVSS 2.1 score, authentication requirement, and limited confidentiality impact.
A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signup_function.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the area where users submit reservation information. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the registration function. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
SQL injection in code-projects Food Review System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the occasion parameter in /admin/approve_reservation.php, resulting in limited data confidentiality and integrity impact. Despite a critical classification in the source database, the CVSS 4.0 score of 2.1 reflects the requirement for authenticated access (PR:L) and limited technical impact scope. Publicly available exploit code exists and the vulnerability has been publicly disclosed.
SQL injection in Food Ordering Review System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the reg_Id parameter in /user/reservation_page.php, with publicly available exploit code disclosed but low real-world exploitation risk due to CVSS 2.1 score, authentication requirement, and limited confidentiality impact.
A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signup_function.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.