CVE Details
Basic Information
| Title | Kashipara Food Management System billAjax.php sql injection |
|---|---|
| Type | cve |
| Published | 2024-01-07T11:31:03.585Z |
| Modified | 2025-06-03T14:39:50.259Z |
Product Information
| Vendor | Kashipara |
|---|---|
| Product | Food Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
AI Analysis
| AI Description | A SQL injection vulnerability exists in Kashipara Food Management System’s billAjax.php, allowing remote attackers to inject malicious SQL code via the item_name argument. This could lead to unauthorized data access or modification. The vulnerability is considered critical and has been publicly disclosed. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Kashipara |
| AI Product | Food Management System |
| AI Version | 1.0 |
Affected Products
- Kashipara Food Management System 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in Kashipara Food Management System up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file billAjax.php. The manipulation of the argument item_name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249829 was assigned to this vulnerability.