Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticket_id' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2023-11-02T13:59:16.838Z
Updated: 2024-08-02T20:21:16.474Z
Reserved: 2023-10-06T21:35:59.767Z
Link: CVE-2023-45343
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-11-02T14:15:13.033
Modified: 2023-11-30T19:19:24.807
Link: CVE-2023-45343
Redhat
No data.