CVE Details
Basic Information
| Title | code-projects Restaurant Order System tablelow.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-16T13:31:04.921Z |
| Last Seen |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Restaurant Order System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability in the Restaurant Order System 1.0 allows remote attackers to inject malicious SQL code via the ID argument in tablelow.php, which could lead to unauthorized data access and manipulation. |
|---|---|
| AI Severity | High |
| Vendor | code-projects |
| Product | Restaurant Order System |
| Affected Version | 1.0 |
Affected Products
- code-projects Restaurant Order System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability was found in code-projects Restaurant Order System 1.0 and classified as critical. This issue affects some unknown processing of the file /tablelow.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.