Restaurent Management System
Monthly
Cross-site scripting in yashpokharna2555/restaurent-management-system allows remote unauthenticated attackers to inject arbitrary client-side script via the Username argument in login_register.php's Registration Handler. The payload executes in the browser of any user who subsequently views the tainted data - most likely an administrator reviewing registered accounts. A public exploit exists per VulDB and GitHub issue #4; no public exploit identified as confirmed actively exploited (CISA KEV). The CVSS 4.0 base score of 2.1 reflects the limited scope and required victim interaction, but the availability of a POC elevates practical risk for any deployment.
SQL injection in yashpokharna2555's restaurent-management-system exposes the /forgotpassword.php endpoint to unauthenticated remote exploitation via the POST email parameter, allowing attackers to execute arbitrary SQL against the backend database. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms no authentication or preconditions are required, and a public exploit is referenced in GitHub issue #3. The project has no versioning scheme and the maintainer has not responded to the disclosure, meaning no patch is available and all deployed instances remain vulnerable.
Cross-site scripting in yashpokharna2555/restaurent-management-system allows remote unauthenticated attackers to inject arbitrary client-side script via the Username argument in login_register.php's Registration Handler. The payload executes in the browser of any user who subsequently views the tainted data - most likely an administrator reviewing registered accounts. A public exploit exists per VulDB and GitHub issue #4; no public exploit identified as confirmed actively exploited (CISA KEV). The CVSS 4.0 base score of 2.1 reflects the limited scope and required victim interaction, but the availability of a POC elevates practical risk for any deployment.
SQL injection in yashpokharna2555's restaurent-management-system exposes the /forgotpassword.php endpoint to unauthenticated remote exploitation via the POST email parameter, allowing attackers to execute arbitrary SQL against the backend database. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms no authentication or preconditions are required, and a public exploit is referenced in GitHub issue #3. The project has no versioning scheme and the maintainer has not responded to the disclosure, meaning no patch is available and all deployed instances remain vulnerable.